ZipLine is one of the most advanced social engineering phishing campaigns seen by Check Point Research. Attackers reverse the usual phishing flow by starting contact through a company’s public “Contact Us” form, tricking victims into initiating email correspondence. They sustain professional email conversations over multiple weeks and often request NDAs before sending a malicious ZIP file. The payload, MixShell, is in-memory malware that uses DNS tunneling with HTTP fallback to stay connected and execute attacker commands. A second wave of attacks uses an AI transformation pretext, disguised as internal AI Impact Assessments. Targets are mainly U.S. manufacturing and supply chain–critical companies, where […]
The post ZipLine Campaign: Advanced Social Engineering Phishing Targets U.S. Manufacturing appeared first on Check Point Blog.