Operation HookedWing is a long-running phishing campaign that has operated for more than four years, stealing over 2,000 credentials from more than 500 organizations across multiple sectors. It uses Microsoft- and Outlook-themed lures, GitHub-hosted infrastructure, and increasingly tailored landing pages to collect email, password, IP address, geolocation, and organization data. #OperationHookedWing #SOCRadar #Microsoft #Outlook #GitHub
Keypoints
- Operation HookedWing has been active for more than four years.
- It has stolen over 2,000 credentials from more than 500 organizations.
- The campaign targets aviation, energy, finance, government, logistics, and technology sectors.
- It uses GitHub domains, compromised servers, and Microsoft and Outlook-themed phishing pages.
- The attackers collect credentials, IP addresses, geolocation, and source URLs from victims.
Read More: https://www.securityweek.com/over-500-organizations-hit-in-years-long-phishing-campaign/