Windows Phone Link Exploited by CloudZ RAT and Pheno Plugin for Credential Theft

Cybersecurity researchers disclosed an intrusion involving the CloudZ remote access trojan (RAT) and a previously undocumented plugin named Pheno, designed to steal victims' credentials and one-time passwords (OTPs). The attack exploited Windows Phone Link, though specific technical mechanisms or affected versions were not detailed. No dates, CVE IDs, or victim demographics were provided in the report. The primary impact includes unauthorized access to sensitive authentication data, including login credentials and OTPs. The disclosure highlights the RAT’s and plugin’s functionalities as the core tools for credential theft.