Top
image credit: Adobe Stock

Hackers Hijack Email Reply Chains on Unpatched Exchange Servers to Spread Malware

March 28, 2022

A new email phishing campaign has been spotted leveraging the tactic of conversation hijacking to deliver the IceID info-stealing malware onto infected machines by making use of unpatched and publicly-exposed Microsoft Exchange servers.

“The emails use a social engineering technique of conversation hijacking (also known as thread hijacking),” Israeli company Intezer said in a report shared with The Hacker News. “A forged reply to a previous stolen email is being used as a way to convince the recipient to open the attachment. This is notable because it increases the credibility of the phishing email and may cause a high infection rate.”

Read More on The Hacker News