Summary: The e-card platform GroupGreeting.com was targeted in a widespread cyberattack known as the “zqxq” campaign, affecting thousands of websites through sophisticated JavaScript injection techniques. This attack highlights the vulnerabilities of trusted platforms, especially during periods of high user activity.
Threat Actor: Cybercriminals | zqxq
Victim: GroupGreeting.com | GroupGreeting.com
Key Points:
- Obfuscated Code: Malware hides in legitimate files using scrambled variables and custom functions, evading detection.
- Traffic Direction Systems (TDS): Malicious scripts redirect users to exploit kits or phishing sites after validating user properties.
- Massive Scale: Over 2,800 websites were compromised through vulnerabilities in popular content management systems.
- Potential Impact: Victims face redirects to malicious domains, persistence mechanisms for reinfection, and secondary payloads like credential theft.
- Similarities: The “zqxq” campaign shares tactics with previous JavaScript threats, demonstrating a growing trend in cyberattacks.
Source: https://securityonline.info/groupgreeting-e-card-platform-compromised-in-zqxq-campaign/