Hackers Abuse SniperDz PhaaS Ecosystem for Brand Impersonation and Browser Hijacking

SniperDz is a turnkey Phishing-as-a-Service and Push-Notification-as-a-Service ecosystem enabling large-scale social-media phishing in the Middle East and North Africa; attackers use link-aggregation intermediaries, multi-stage redirects, cloaking, browser-push subscription abuse (shared VAPID key), and history/tab manipulation to trap victims and deliver scams and unsolicited/malicious content. The report includes multiple IoCs (domains, IPs hosted by Horizon IS, sample URLs and a recurring VAPID public key) and recommends revoking browser notification permissions and treating redirection chains as suspicious.