Back

30,000 Accounts Compromised in Google AppSheet Phishing Campaign

Severity: High (Score: 68.0)

Sources: Gbhackers, Thehackernews, Cybersecuritynews

Summary

A cybercriminal operation named 'AccountDumpling' has compromised around 30,000 Facebook accounts globally. This campaign, linked to Vietnamese attackers, utilizes Google’s AppSheet platform to bypass email security measures. By sending authenticated phishing messages through legitimate channels, the attackers successfully collect user credentials and identity documents. The stolen accounts are believed to be monetized in various ways. Guardio Labs discovered the operation, which has raised significant concerns about the effectiveness of current email security protocols. The attack highlights the vulnerabilities associated with using legitimate platforms for malicious purposes. As of now, the campaign continues to pose a risk to users worldwide. Key Points: • 30,000 Facebook accounts compromised in a phishing campaign linked to Vietnam. • Attackers exploit Google AppSheet to bypass traditional email security filters. • Stolen accounts are being monetized, raising concerns about user data safety.

Key Entities

  • Phishing (attack_type)
  • AccountDumpling (campaign)
  • Facebook Phishing Campaign (campaign)
  • T1566 - Phishing (mitre_attack)
  • AppSheet (platform)
  • Facebook (platform)
  • Netlify (platform)
  • Telegram (platform)
  • Google AppSheet (tool)
Loading threat details...

Threat Not Found

The threat cluster you're looking for doesn't exist or has been removed.

Return to Feed