New AlienFox toolkit steals credentials for 18 cloud services


Threat actors can search for misconfigured servers to steal authentication keys and passwords for cloud-based email services using a new modular toolset called “AlienFox.” A private Telegram channel, which has become a common avenue for trade between hackers and malware developers, is used to sell the toolkit to cybercriminals.

The toolkit targets typical misconfigurations in well-known services including web hosting frameworks like Laravel, Drupal, Joomla, Magento, Opencart, Prestashop, and WordPress, according to SentinelLabs researchers that evaluated AlienFox.

Read More…