Cybercriminals behind Zhong Stealer don’t rely on complex exploits or high-tech hacking tools to break into businesses. Instead, they use a low-effort but highly effective scam that plays on human nature: urgency, confusion, and frustration.
As noted by ANY.RUN researchers, the attack unfolds in a calculated, repetitive pattern designed to wear down customer support agents:
- A new support ticket appears, but the sender’s account is brand new and completely empty. There’s no history, no past interactions, just a vague request for help.
- The attacker types in broken language, usually Chinese, making the conversation difficult to follow. This adds an element of confusion and makes the request seem more urgent.
- A ZIP file is attached, supposedly containing screenshots or other necessary details for the request. The attacker insists the support agent must open it to understand the issue.
- If the agent hesitates, the attacker becomes increasingly frustrated, pressuring them to act.
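
The pattern above can be turned into a helpdesk triage rule. The following is an added example, not code from ANY.RUN or from the original article: the `Ticket` record, its field names, and the thresholds (one day, three messages in ten minutes) are assumptions, and the sample tickets are constructed.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta

@dataclass
class Ticket:                      # hypothetical helpdesk export record
    ticket_id: str
    account_created: datetime
    opened: datetime
    prior_tickets: int             # earlier tickets from the same account
    attachments: list              # attachment file names
    customer_msgs: list            # timestamps of the customer's messages

def triage(t, new_account=timedelta(days=1), burst=3,
           burst_window=timedelta(minutes=10)):
    """Return the indicators from the described pattern that a ticket matches."""
    reasons = []
    # Indicator 1: brand-new account with no history.
    if t.prior_tickets == 0 and t.opened - t.account_created <= new_account:
        reasons.append("new_empty_account")
    # Indicator 2: a ZIP archive attached to the request.
    if any(name.lower().endswith(".zip") for name in t.attachments):
        reasons.append("zip_attachment")
    # Indicator 3: pressure, approximated (assumption) as `burst` customer
    # messages arriving inside `burst_window`.
    times = sorted(t.customer_msgs)
    if any(times[i + burst - 1] - times[i] <= burst_window
           for i in range(len(times) - burst + 1)):
        reasons.append("rapid_followups")
    # Hold the archive for analysis before an agent opens it when the
    # first two indicators coincide.
    hold = {"new_empty_account", "zip_attachment"} <= set(reasons)
    return {"ticket": t.ticket_id, "hold_attachment": hold, "reasons": reasons}

# Constructed sample data, not taken from any real incident.
T0 = datetime(2025, 1, 15, 9, 0)
SUSPICIOUS = Ticket("T-1001", T0 - timedelta(minutes=5), T0, 0,
                    ["screenshots.zip"],
                    [T0, T0 + timedelta(minutes=2), T0 + timedelta(minutes=4)])
ROUTINE = Ticket("T-1002", T0 - timedelta(days=400), T0, 7,
                 ["invoice.png"], [T0, T0 + timedelta(hours=3)])

if __name__ == "__main__":
    for ticket in (SUSPICIOUS, ROUTINE):
        print(triage(ticket))
```

The language indicator from the list is left out because it cannot be checked reliably from metadata alone.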