On 22 January 2023, security expert Bruce Schneier highlighted a spike in fake websites purporting to be trusted sources, such as Reddit, WeTransfer, Cloudflare, and Dropbox, amongst many others.
The actual sites are being abused to host malware payloads, while the look and feel of the fake sites closely mimic the real organisation to deceive users.
This is a clear indication that fraudsters are actively capitalising on the trust people inherently have in such brands.
The Diana Harvest malware, which is commercially available and suitable for novice hackers to use, appears to be behind this recent spree of sites pushing malware.
Already a lucrative market, the sale of such espionage wares is driving greater sophistication in this arena, fuelled by the ever-expanding range of techniques and more frequent updates to these tools.
The second article highlighted how journalists and civil society members using WhatsApp are being targeted by the Paragon spyware.
This points to a trend where commercial spyware is being used to target individual users rather than organisations.