Select Page

Tax-paying individuals in Mexico and Chile have been targeted by a Mexico-based cybercrime group that goes by the name Fenix to breach targeted networks and steal valuable data.

A key hallmark of the operation entails cloning official portals of the Servicio de Administración Tributaria (SAT) in Mexico and the Servicio de Impuestos Internos (SII) in Chile and redirecting potential victims to those sites.

“These fake websites prompt users to download a supposed security tool, claiming it will enhance their portal navigation safety,” Metabase Q security researchers Gerardo Corona and Julio Vidal said in a recent analysis.

“However, unbeknownst to the victims, this download actually installs the initial stage of malware, ultimately enabling the theft of sensitive information such as credentials.”

images from Hacker News