Intel Name: Invisible obfuscation technique used in pac attack
Date of Scan: February 19, 2025
Impact: Medium
Summary: The “Invisible Obfuscation Technique Used in PAC Attack” involves encoding binary data using Hangul half-width and full-width Unicode characters, representing 0 and 1, to hide a payload in a JavaScript script. This technique, first demonstrated in October 2024, was incorporated into a phishing attack targeting affiliates of a major American political action committee (PAC) in January 2025. The payload is executed through a Proxy get() trap when accessed.
