A phishing campaign designed to collect Zimbra user credentials was uncovered by ESET. Zimbra Collaboration is an open-core collaborative software platform. The campaign has been active since at least April 2023 and is still ongoing.
The campaign’s targets are a variety of small and medium businesses and governmental entities. According to researchers, the largest number of targets are located in Poland; however, victims in other European countries such as Ukraine, Italy, France and the Netherlands are also targeted. Latin American nations were hit too; Ecuador tops the list of detections in that region.