Posted on

Nigerian Hackers Use American Rescue Plan Act sign-up sites

unnamed 1

the staff of the Ridgewood blog

Ridgewood NJ, as part of the American Rescue Plan Act, the IRS began to distribute the first iteration of the child tax credit payments, which are automatically disbursed and do not require signing up for benefits, similar to past stimulus payments. Threat actors are quick to exploit public interests in order to carry out cyberattacks as reported by DomainTools researchers who discovered approximately 41 credential harvesting websites claiming to be American Rescue Plan Act sign-up sites. Researchers were able to trace the websites to a Nigerian web development firm, GoldenWaves Innovations. A spokesperson from GoldenWaves states their web hosting account was compromised and denies any involvement with these claims. They further stated that the sites are unable to be deleted due to illegal activity and have been forwarded to the Legal and Abuse department. DomainTools researchers assess that this activity is, in fact, linked to GoldenWaves and have reported the list of sites to Google Safe Browsing for blocking, further emphasizing the usefulness of historical WHOIS data.

Leave a Reply

Your email address will not be published. Required fields are marked *