“on the account can be shared via a share button, which generates a link hosted under kuse ’ s domain, app [. ] kuse [. ] ai. attackers abused this mechanism to host a fake blurred document that contained a link to a fake login page. url analysis - hxxps : / / app [. ] kuse [. ] a…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1566.002Spearphishing Link
95%
“,. html,. aspx ) file extensions, it can bypass filter signatures and heuristic rules that focus on more typical malicious file extensions. user experience and redirection after clicking the phishing url, the user was redirected to the legitimate ai workspace app [. ] kuse [. ] a…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1566.002Spearphishing Link
93%
“expose credentials. in this case, attackers abused the storage and sharing features of kuse, a free ai web app. this breach involved a supply chain attack, particularly a vendor email compromise ( vec ), wherein a compromised mailbox from a trusted vendor was used to send a speci…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1566.002Spearphishing Link
82%
“real - world scenarios involving ai platform abuse, vec, and blurred document lures. users should be educated on recognizing social engineering cues regardless of the hosting platform ' s reputation. - verify links beyond the domain. a legitimate domain ( e. g., app [. ] kuse [. …”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1566.001Spearphishing Attachment
47%
“for new vectors to exploit the inherent trust placed in legitimate platforms. they abuse the storage and sharing capabilities of free services, as well as the growing interest in ai - powered web applications. using the markdown (. md ) file extension as the delivery format, comb…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1566.002Spearphishing Link
32%
“kuse web app abused to host phishing document key takeaways - the growing dependence on ai has caused a rapid emergence of ai - based tools. unfortunately, these applications have also become vectors for malicious actions, as in this case with kuse. ai. - ordinarily, kuse is a tr…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
Summary
Bad actors took advantage of the legitimate name and services of Kuse, a popular AI-based app designed for workplaces. The attackers exploited the users’ trust in Kuse to carry out a phishing attack.