Multi-Stage Phishing Campaign Targets Russia with Amnesia RAT and Ransomware
A new multi-stage phishing campaign has been observed targeting users in Russia with ransomware and a remote access trojan called Amnesia RAT
Social engineering manipulates people into revealing access or approving actions, causing compromise; verify requests and enforce least privilege.
Search across headline titles and summaries.
Background for this topic.
Social engineering is the deliberate manipulation of people into disclosing information, bypassing a control, or performing an action for an attacker. It commonly uses phishing, voice or text messages, impersonation, pretexting, and physical access attempts. In a threat model, the attacker targets trust, urgency, authority, or helpfulness rather than exploiting software directly. Successful deception can expose credentials or personal data, authorize fraudulent payments, enable malware delivery, or provide an initial foothold for account or network compromise.
Effective defenses make sensitive requests independently verifiable and limit the damage of a mistake. Use phishing-resistant multi-factor authentication where practical, least-privilege access, and approval or call-back procedures for payments, password resets, and changes to account or banking details. Staff should have a simple way to report suspected messages without penalty; security teams can then investigate related accounts, messages, and login activity, revoke exposed credentials, and contain follow-on access. Awareness training helps people recognize pretexts, but should reinforce these technical and procedural controls rather than rely on vigilance alone.
A new multi-stage phishing campaign has been observed targeting users in Russia with ransomware and a remote access trojan called Amnesia RAT
Teach a crook to phish… Criminals can more easily pull off social engineering scams and other forms of identity fraud thanks to custom voice-phishing kits being sold on dark web forums and messaging platforms.…
Okta is warning about custom phishing kits built specifically for voice-based social engineering (vishing) attacks. BleepingComputer has learned that these kits are being used in active attacks to steal Okta SSO credentials for data theft. [...]
Microsoft will soon add new fraud protection features to Teams calls, warning users about external callers who attempt to impersonate trusted organizations in social engineering attacks. [...]
Decentralization and Sprawl Complicate University IT ProgramsSeveral Ivy League universities - including Harvard and Princeton - experienced hacks in 2025 through unpatched enterprise software and sophisticated social engineering campaigns, showing that even the nation's wealthiest universities are vulnerable.
The attack consists of a NexShield malicious browser extension, a social engineering technique to crash the browser, and a Python-based RAT.