Unleashedmen / LastCall.c
Created May 9, 2023 22:57
LastCall Injection PoC
// "A process executes until one of the following events occurs:
// - Any thread of the process calls the ExitProcess function.
// - The last thread of the process terminates
// - ..."
// Ref: https://learn.microsoft.com/en-us/windows/win32/procthread/terminating-a-process
//
// --------------------------------------------------------------------------------------------
//
// The idea is to inject shellcode into another process and stomp the instructions of its ExitProcess().
// So when ExitProcess is called, the thread will be redirected to the shellcode instead of exiting.
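Added example, not part of the gist: the defender-side counterpart to the patch described above. It compares the first bytes of an exported function as read from a live process against a clean reference copy (for instance the same bytes from the DLL image on disk) and, when they differ, decodes the common x64 redirect stubs to recover where control would be sent. The prologue bytes and address below are constructed for illustration and are not real kernel32 bytes.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

typedef enum {
    PROLOGUE_CLEAN = 0,
    PROLOGUE_JMP_REL32,    /* E9 rel32 */
    PROLOGUE_JMP_INDIRECT, /* FF 25 disp32  (jmp [rip+disp32]) */
    PROLOGUE_MOV_RAX_JMP,  /* 48 B8 imm64 FF E0 (mov rax, imm64 ; jmp rax) */
    PROLOGUE_PATCHED_OTHER
} prologue_state;

/* Compare the live prologue of a function (read from the inspected process at
 * virtual address live_va) with a clean reference copy of the same bytes.
 * On mismatch, decode the redirect stub and, where the encoding allows it,
 * recover its destination into *target (0 when unknown). */
prologue_state classify_prologue(const uint8_t *live, const uint8_t *clean,
                                 size_t len, uint64_t live_va, uint64_t *target)
{
    *target = 0;
    if (memcmp(live, clean, len) == 0)
        return PROLOGUE_CLEAN;
    if (len >= 5 && live[0] == 0xE9) {             /* jmp rel32: next insn + rel */
        int32_t rel; memcpy(&rel, live + 1, 4);
        *target = live_va + 5 + (int64_t)rel;
        return PROLOGUE_JMP_REL32;
    }
    if (len >= 6 && live[0] == 0xFF && live[1] == 0x25) { /* jmp [rip+disp32] */
        int32_t disp; memcpy(&disp, live + 2, 4);
        *target = live_va + 6 + (int64_t)disp;     /* address of the pointer slot */
        return PROLOGUE_JMP_INDIRECT;
    }
    if (len >= 12 && live[0] == 0x48 && live[1] == 0xB8 &&
        live[10] == 0xFF && live[11] == 0xE0) {     /* mov rax, imm64 ; jmp rax */
        memcpy(target, live + 2, 8);
        return PROLOGUE_MOV_RAX_JMP;
    }
    return PROLOGUE_PATCHED_OTHER;
}

/* Constructed sample data (illustrative only, NOT real kernel32 bytes). */
static const uint64_t SAMPLE_VA = 0x7FF800001000ULL;
static const uint8_t CLEAN[16] = {0x48,0x83,0xEC,0x28,0x48,0x8B,0xD9,0x33,
                                  0xD2,0xE8,0x00,0x00,0x00,0x00,0x48,0x83};
static const uint8_t STOMPED_JMP[16] = {0xE9,0xFB,0x0F,0x00,0x00,0x48,0x8B,0xD9,
                                        0x33,0xD2,0xE8,0x00,0x00,0x00,0x00,0x48};
static const uint8_t STOMPED_MOVRAX[16] = {0x48,0xB8,0x00,0x00,0x34,0x12,0x00,0x00,
                                           0x00,0x00,0xFF,0xE0,0x00,0x00,0x00,0x00};
```

In practice the clean copy comes from the mapped file on disk after applying relocations, and a recovered target that lies outside any loaded module image is the signal worth alerting on.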

g.co, Google's official URL shortcut (update: or Google Workspace's domain verification, see bottom), is compromised. People are actively having their Google accounts stolen.

Someone just tried the most sophisticated phishing attack I've ever seen. I almost fell for it. My mind is a little blown.

  1. Someone named "Chloe" called me from 650-203-0000 with Caller ID saying "Google". She sounded like a real engineer, the connection was super clear, and she had an American accent. Screenshot.

  2. They said that they were from Google Workspace and someone had recently gained access to my account, which they had blocked. They asked me if I had recently logged in from Frankfurt, Germany and I said no.

  3. I asked if they can confirm this is Google calling by emailing me from a Google email and they said sure and sent me this email and told me to look for a case number in it, which I saw in