The threat actor PCPJack has compromised approximately 230 cloud servers across AWS, Google Cloud, and Microsoft Azure to establish a covert SMTP email relay network. The hijacked business servers spanning the U.S., Europe, and Asia were converted into SMTP proxies that were verified for mail relay capability and synchronized to downstream consumers every five minutes.
The threat actor known as PCPJack has hijacked cloud servers associated with Amazon Web Services (AWS), Google Cloud, and Microsoft Azure to create a covert SMTP email relay network. "Compromised business servers across the U.S., Europe, and Asia were quietly converted into SMTP proxies, verified for mail relay capability, and synced to a downstream consumer every five minutes," Hunt.io said in
Originally published at thehackernews.com
60-minute technical evaluation, no obligation. We'll map the ideas in this article to your environment.
