Operation HookedWing Targets Over 500 Organizations in Extensive Phishing Campaign
A phishing campaign known as Operation HookedWing has targeted over 500 organizations across various sectors, including aviation, critical infrastructure, energy, logistics, public administration, and technology. The campaign, active since 2022, has stolen more than 2,000 user credentials by using phishing emails that impersonate human resources or colleagues. These emails often contain links to GitHub repositories and simulate Microsoft Outlook behavior to deceive victims. The campaign has adapted its infrastructure over the years, using GitHub domains and compromised servers, and has expanded its targeting to include French content. SOCRadar reports that the campaign focuses on environments with access to sensitive information and high-privilege credentials. 
