Researchers Uncover New Phishing-as-a-Service Platform Exploiting DNS MX Records

Cybersecurity researchers have revealed the existence of a new phishing-as-a-service (PhaaS) platform that exploits DNS mail exchange (MX) records to serve fake login pages mimicking around 114 brands. The company Infoblox, specialized in DNS intelligence, is tracking the actor behind this PhaaS, the phishing kit, and related activities under the name Morphing Meerkat. This new threat uses the victims' MX records to redirect users to phishing pages, thereby increasing the credibility of the attacks.