Chinese eCrime Group Targets Users in 120+ Countries to Steal Banking Credentials

Smishing Triad, a Chinese eCrime group, has launched an extensive operation targeting users across more than 121 countries.

This campaign, primarily focused on stealing banking credentials, has evolved to include diverse industries, from postal and logistics to finance and retail sectors.

Expansion of Phishing Operations

Recent data from server logs analyzed by Silent Push reveal that Smishing Triad’s infrastructure has been bustling, with over one million page visits logged in just 20 days.

This suggests the group’s SMS phishing (smishing) activities could be sending an alarmingly higher volume than the previously reported 100,000 SMS messages per day.

The group’s latest move is the introduction of the “Lighthouse” phishing kit, which signifies a marked advancement in their tactics.

This kit targets numerous financial institutions, particularly in Australia and the broader Asia-Pacific region, and includes real-time synchronization features for quicker theft of bank credentials ...