Summary: A new JavaScript obfuscation technique using invisible Unicode characters is being exploited in phishing attacks against an American political action committee (PAC). The method, first disclosed in late 2024, allows attackers to conceal malicious code which reduces the chances of detection by security measures. These attacks employ personalized targeting and sophisticated evasion tactics, highlighting the swift adaptation of emerging security research into real-world threats.
Affected: American political action committee (PAC)
Keypoints :
- Use of invisible Hangul characters to obfuscate JavaScript payloads, making the code appear empty.
- Incorporation of personalized non-public information and evasive techniques such as debugger breakpoints to complicate detection.
- Potential wider adoption of this obfuscation method among attackers, following its initial success in phishing campaigns.