US Utilities Hit with Phishing Attack
An email phishing attack, thought to be from a nation-state actor, claims that engineers have failed licensing exams.
A new phishing attack is hitting US utilities with threats that their engineers could be in danger of losing their professional licenses. But in reality, the only danger comes from panicked employees clicking on the embedded Word document and infecting their computers with a remote access Trojan (RAT) and command-and-control proxy.
The RAT and proxy appear to originate with a nation-state actor rather than a financially motivated criminal organization. Researchers at Proofpoint found that the LookBack malware and many of the macros used in the campaign look very similar to tools used in a 2018 campaign against Japanese businesses. While the researchers note it's possible techniques are being used to mislead those trying to define attribution for the attack, a nation-state actor is almost certainly the attacker. They do not, however, identify the nation responsible.
Read more here.
Black Hat USA returns to Las Vegas with hands-on technical Trainings, cutting-edge Briefings, Arsenal open-source tool demonstrations, top-tier security solutions, and service providers in the Business Hall. Click for information on the conference and to register.
About the Author
You May Also Like
Cybersecurity Day: How to Automate Security Analytics with AI and ML
Dec 17, 2024The Dirt on ROT Data
Dec 18, 2024