Multiple groups of attackers successfully compromised corporate email accounts of at least 156 high-ranking officers at various firms based in Germany, the UK, Netherlands, Hong Kong, and Singapore. Group-IB Threat Intelligence team published a report today and shared with The Hacker News. Most PerSwaysion operations were orchestrated by scammers from Nigeria and South Africa who used a Vue.js JavaScript framework-based phishing kit, evidently, developed by and rented from Vietnamese speaking hackers. The attackers pick legitimate cloud-based content sharing services such as Microsoft Sway, SharePoint, and OneNote to avoid traffic detection.
Source: https://thehackernews.com/2020/04/targeted-phishing-attacks-successfully.html