Skip to content
SPECIAL

THREATS TO CRITICAL INFRASTRUCTURE IN IRAN CONFLICT

READ MORE

‘CoGUI’ phishing kit helps Chinese hackers target Japan

(Kasia Derenda / Unsplash)

By Nate Nelson

Chinese cybercriminals are using a new phishing kit to spread hundreds of millions of malicious emails in Japanese.

No threat actor, crimeware-as-a-service (CaaS) platform, or malware campaign in the world today is more voluminous a threat than “CoGUI,” according to new research from Proofpoint. In January, threat actors used it to run more than 50 campaigns encompassing 172 million phishing emails in all. Last month, it was 40 campaigns and more than 100 million emails.

CoGUI services users in China who, with the rise of such tools as Lucid and Darcula, have been enjoying a golden era of phishing-as-a-service (PhaaS) in recent months. Technically, CoGUI overlaps with Darcula, though it lacks Darcula’s ability to intercept two-factor authentication (2FA) codes, and it’s oriented toward slightly different use cases.

Read more at Dark Reading

Click to listen highlighted text!