RSAC 2019: Joomla! Mail Flaw Exploited to Create Mass Phishing Infrastructure

RSAC 2019: Joomla! Mail Flaw Exploited to Create Mass Phishing Infrastructure

The Jmail Breaker attack leverages an old vulnerability in Joomla! along with a newly found flaw in the mail module.

UPDATE

SAN FRANCISCO — A fresh campaign from a known adversary is using a flaw in the popular Joomla! CMS platform to carry out a large-scale phishing and spam operation, according to researchers.

According to Check Point Research, the issue is with Jmail, which enables users to send mail through the platform; the firm said that it lacks security mechanisms to prevent the manipulation of messages’ HTTP headers. As a result, a cybercriminal can use Jmail for phishing, spam or, in this case, to implement a fully fledged backdoor infrastructure within the platform to carry out those first two activities at scale. ...Click Here