Security researchers have discovered a new phishing campaign by threat actor group COBALT DICKENS targeting universities

Security researchers have discovered a new phishing campaign by threat actor group COBALT DICKENS targeting universities. “Secureworks® Counter Threat Unit™ (CTU) researchers discovered a URL spoofing a login page for a university. Further research into the IP address hosting the spoofed page revealed a broader campaign to steal credentials.”

The massive phishing campaign was discovered by researchers at Secureworks and involves the use of over 300 spoofed websites and login pages for 76 universities located in 14 countries. The campaign targets universities located in countries such as Australia, Canada, China, Israel, Japan, Switzerland, Turkey, the United Kingdom, and the United States. Once victims enter their credentials in the fake login page, they are redirected to the legitimate website, where they are automatically logged into a valid session or asked to enter their credentials again. Most of the spoofed domains referenced the targeted universities' online library systems, indicating that the attackers behind the campaign were interested in gaining access to those resources.

Many of the domains used in the campaign were registered between May and August 2018, with the most recent being registered on August 19. The domains resolved to the same IP address and DNS name server. According to the researchers, the infrastructure to support this campaign is still being created. One of the domains registered in May 2018 also contained subdomains spoofing university targets, and these were redirected to fake login pages on other domains controlled by the attackers. The campaign infrastructure is similar to that of previous campaigns by the Iran-linked COBALT DICKENS group.

“Universities are attractive targets for threat actors interested in obtaining intellectual property. In addition to being more difficult to secure than heavily regulated finance or healthcare organizations, universities are known to develop cutting-edge research and can attract global researchers and students. CTU researchers have contacted various global partners to address this threat,” Secureworks researchers said in the published post.
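A defender-side sketch of the infrastructure pivot described above (spoofed hostnames that share one IP address and name server), added here as an example and not taken from the Secureworks report. The DNS records, the domain names, and the assumption that a spoofed host embeds the university's domain as leading labels under a foreign domain are all constructed for illustration.

```python
from collections import defaultdict

# Constructed sample DNS records (hostname, resolved IP, name server); not real indicators.
RECORDS = [
    ("library.uni-a.example", "192.0.2.10", "ns1.uni-a.example"),
    ("library.uni-a.example.lib-portal.test", "198.51.100.7", "ns1.dns-host.test"),
    ("login.uni-b.example.eduv.test", "198.51.100.7", "ns1.dns-host.test"),
    ("shop.eduv.test", "198.51.100.7", "ns1.dns-host.test"),
    ("uni-a.example.mirror.test", "203.0.113.5", "ns9.other.test"),
    ("www.unrelated.test", "203.0.113.9", "ns2.other.test"),
]
PROTECTED = ["uni-a.example", "uni-b.example"]  # assumed: domains the defender watches


def registered_domain(host):
    """Simplification: last two labels. Use a public-suffix list for real data."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])


def spoofed_target(host, protected=PROTECTED):
    """Return the protected domain embedded in a foreign hostname, else None."""
    if registered_domain(host) in protected:
        return None  # genuinely one of ours
    labels = host.lower().rstrip(".").split(".")
    for dom in protected:
        want = dom.split(".")
        # The protected domain must appear as a label run left of the final label.
        if any(labels[i:i + len(want)] == want for i in range(len(labels) - len(want))):
            return dom
    return None


def cluster(records=RECORDS):
    """Group spoofing hosts by (IP, name server), then pivot to all hosts on that pair."""
    seeds = defaultdict(set)
    for host, ip, ns in records:
        target = spoofed_target(host)
        if target:
            seeds[(ip, ns)].add(target)
    report = {}
    for (ip, ns), targets in seeds.items():
        hosts = sorted(h for h, i, n in records if (i, n) == (ip, ns))
        report[(ip, ns)] = {"targets": sorted(targets), "hosts": hosts}
    return report


if __name__ == "__main__":
    for key, info in cluster().items():
        print(key, info)
```

A cluster whose `targets` list names more than one institution is the stronger lead, since it matches the shared-infrastructure pattern the researchers describe; the pivot also surfaces hosts such as `shop.eduv.test` that spoof nothing themselves but sit on the same IP address and name server.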