An attacker has been found using the legitimate ClickFunnels service to bypass security services and redirect users to malicious links.
Security Researcher at Avanan check point software The company discussed its findings in an advisory shared with Information security And it was released earlier today.
“ClickFunnels is an online service that helps entrepreneurs and small businesses generate leads, build marketing engines, and grow their businesses,” said Jeremy Fuchs, Marketing Content Manager at Avanan. “But hackers are using it to bypass security services.”
More specifically, attackers are abusing ClickFunnels functionality to create pages with malicious links and ultimately perform credential harvesting attacks.
“We always talk about ‘The Static Expressway,’ which is the practice of using legitimate sites to host and deliver malicious pages,” said Fuchs. I have written“Essentially, it’s a way of hiding malice in the legitimate.”
A good example of this is ClickFunnels, a platform commonly trusted by security engines. Therefore, links delivered by email successfully bypass email protection solutions.
“We’ve seen it time and time again. Whether you’re using AWS, Microsoft Voice, or Facebook, this is a powerful way to access your inbox,” Fuchs added.
“This takes advantage of the fact that security services cannot outright ban popular sites. Hackers can jump on the backs of these, infiltrate inboxes, and scam users.”
To protect against similar attacks, Avanan requires users to manually check URLs in emails and browsers before clicking them, and ask senders if they intend to use a particular site to send documents. is recommended.
Technical articles are written by security researchers Cofence reported the use of the Telegram bot as a phishing information extraction tool. 800% increase Between 2021 and 2022.
Most recently, the Abnormal Security team discovered a new and highly successful Business Email Compromise (BEC) group. Commonly known as “Firebrick Ostrich” It has targeted several victims over the past two years.
