Water Dybbuk Using Open-Source Toolkits To Carry Out BEC Campaign

February 9, 2023

The Water Dybbuk threat group targets large companies around the world with a Business Email Compromise (BEC) campaign to steal credentials. The initial attack vector consists of spear-phishing emails with malicious attachments directing victims to malicious websites. The operation uses the BadaxxBot toolkit and Evilginx framework along with the JavaScript Obfuscator Tool to carry out the operation.

Featured Resources

blog

From Beginnings to Breakthroughs: The Cymulate Story

Cymulate was founded in 2016, but the idea behind it dates back much further than that. When we first began

E-BOOK

Putting the Validation in Exposure Management

4 Best Practices to Drown Out the Noise and Focus on the (truly) Exploitable SecOps teams struggle with the daily

blog

CISA Alert – Is Your Organization Exposed?

Cybersecurity is no longer a luxury, it’s a necessity with new threats emerging every day. Every day the Cybersecurity and

Subscribe to Our Blog

Subscribe now to get the latest insights, expert tips and updates on threat exposure validation.