Daniel Kelley

SlashNext

By Daniel Kelley Security Researcher We recently uncovered GoIssue, a tool marketed on a cybercrime forum that allows attackers to extract email addresses from GitHub profiles and send bulk emails directly to user inboxes. GoIssue signals a dangerous shift in targeted phishing that extends beyond individual developers to threaten entire ... Read More

Novel anti-bot services are being advertised on the dark web, offering cybercriminals advanced tools to bypass Google’s protective ‘Red Page’ warnings in a concerning development for cybersecurity teams. These services represent the latest evolution in the ongoing cat-and-mouse game between cybercriminals and security measures. To learn more about combating phishing ... Read More

Our team has been investigating the latest services and infrastructure available to cybercriminals for orchestrating SMS phishing campaigns. After analysing cybercrime forums, it is clear that SMS gateways are currently a highly popular method, thanks in no small part to the minimal cost.  With these SMS gateways, cybercriminals can send ... Read More

Our team has been investigating the latest services and infrastructure available to cybercriminals for orchestrating SMS phishing campaigns. After analysing cybercrime forums, it is clear that SMS gateways are currently a highly popular method, thanks in no small part to the minimal cost.  With these SMS gateways, cybercriminals can send ... Read More

Pandora hVNC is a remote access trojan (RAT) that has been advertised on cybercrime forums since 2021. Surprisingly, it has received little attention from the cybersecurity community. Despite this, it remains a widely used tool and is favoured by many threat actors. Pandora hVNC enables attackers to gain covert control ... Read More

An in-depth investigation of a new AI chatbot called Abrax666 advertised on cybercrime forums reveals multiple red flags suggesting it’s likely a scam. With a negative review after communication, no seller deposit, exaggerated capabilities claimed, and zero evidence of satisfied customers, we judge that Abrax666 has no credibility as a ... Read More

  Discover the history, types, and threats of QR codes, including quishing and QRLJacking. Learn why QR phishing is effective and how it exploits user trust, convenience, and bypasses security filters. Understanding QR Codes: A Brief History QR codes, or quick response codes, have become ubiquitous in recent years. These ... Read More

Cyberattacks are becoming increasingly common and sophisticated. One particular concern is the rising misuse of popular platforms like Airbnb. This blog post highlights how cybercriminals exploit Airbnb for fraudulent activities. Cybercriminals Target Travelers Cybercriminals are constantly developing new ways to exploit popular online platforms for malicious purposes. With over 7 ... Read More

The rise of AI-powered cybercrime tools like WormGPT and FraudGPT has significant implications for cybersecurity as the future of malicious AI is rapidly developing daily. Learn about the tools, their features, and their potential impact on the digital landscape. The Rise of AI-Powered Cybercrime: WormGPT & FraudGPT On July 13th, ... Read More

In this blog post, we delve into the emerging use of generative AI, including OpenAI’s ChatGPT, and the cybercrime tool WormGPT, in Business Email Compromise (BEC) attacks. Highlighting real cases from cybercrime forums, the post dives into the mechanics of these attacks, the inherent risks posed by AI-driven phishing emails, ... Read More