Happycoin.club – Hackers have chosen users of platforms such as PayPal, Netflix, and TikTok as new targets for phishing attacks, using the latest toolkit called Matrix Push C2 for this purpose. It has become known that this tool operates through a web interface, which allows criminals to send notifications, track the actions of each target in real-time, record which specific messages users responded to, and generate compressed links using the integrated URL shortening functionality. Moreover, with the help of Matrix Push C2, attackers can monitor browser extensions, including those related to cryptocurrency wallets. The basis of the fraudulent activity lies in the use of social engineering methods, and Matrix Push C2 has customizable templates that significantly enhance the plausibility of fabricated messages. Blackfog security expert Brenda Robb noted that attackers can easily modify their phishing messages and landing pages, disguising them as well-known brands and services. The attack process involves the scammer sending the victim a phishing message, sent on behalf of a website via the web push notification mechanism, which is part of the browser’s functionality. This mechanism allows for the delivery of alerts that mimic system notifications from the operating system or browser itself. To maintain the appearance of authenticity, recognizable brands, their logos, and convincing wording are used. This mechanism, known as Matrix Push, was first detected by cybersecurity specialists in early October. No evidence of earlier versions of this tool has been found.
About the Author
