The SlowMist Security Team has uncovered a newly identified method employed by malicious actors. The new strategy exploits the widely used Calendly, a free application widely used for scheduling appointments and meetings, with additional support for sending invitations for upcoming events.
Read also: Cybersecurity Experts Detect a Rise in Predictive Address Attacks
According to cybersecurity experts, hackers are currently exploiting Calendly's "Add Custom Link" feature to insert malicious links into event pages, triggering phishing attacks.
"Malicious links sent by hacker organizations through Calendly are well-integrated with the daily work backgrounds of most users, so these malicious links are not easy to arouse suspicion," SlowMist explains in today’s post on X, adding that "Users are likely to click malicious links accidentally, download and execute malicious code unknowingly, and suffer losses."
The SlowMist team strongly advises exercising caution when dealing with links within the Calendly interface, with a specific focus on scrutinizing their sources and domains. They recommend hovering over links before clicking to verify the address, providing an essential step to prevent potential harm.
Read also: Onyx Community Worried About Mass XCN Withdrawal Post-Hack
Meanwhile, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) declared sanctions against Sinbad.io, a well-known cryptocurrency mixer that enables users to obscure the origins of their assets. According to the OFAC, this specific mixer played a key role as one of the primary tools utilized for money laundering by the Lazarus Group, a notorious hacking team backed by the North Korean government.