Pheno
Coverage of Pheno in the Nexus archive.
- Attacks Abuse Windows Phone Link to Steal Texts & Bypass 2FA
Hackers are using attacks to steal texts and bypass 2FA by dropping CloudZ RAT and Pheno plugin on Windows-based bridges between PCs and smartphones. These hard-to-detect attacks target the link between Windows phones and other devices. The goal is to hijack the connection for malicious purposes.
- Windows Phone Link Exploited by CloudZ RAT to Steal Credentials and OTPs
Cybersecurity researchers disclosed details of an intrusion involving CloudZ RAT and Pheno plugin to steal credentials and one-time passwords. The attack aimed at facilitating credential theft. The CloudZ RAT and Pheno plugin were used to exploit Windows Phone Link.
- CloudZ malware abuses Microsoft Phone Link to steal SMS and OTPs
A new version of CloudZ remote access tool is deploying a malicious plugin called Pheno to steal sensitive codes from mobile devices via Microsoft Phone Link. This malware abuses Microsoft Phone Link connection to hijack SMS and OTPs. The attack targets mobile devices connected to Microsoft Phone Link.