Spear phishing attack hits more than 400 industrial companies

1 Comment

Phishing

Researchers at Kaspersky Lab have detected a new wave of spear phishing attacks disguised as legitimate procurement and accounting letters, that have hit more than 400 industrial organizations.

The emails have targeted approximately 800 employee PCs, mostly in Russian companies, with the goal of stealing money and confidential data from the organizations, which could then be used in new attacks.

The emails are disguised as legitimate procurement and accounting letters, containing content that corresponded to the profile of the attacked organizations and took into account the identity of the employee -- the recipient of the letter. The attackers addressed the targeted victims by name, suggesting that the attacks were carefully prepared and that criminals took the time to develop an individual letter for each user.

If recipients clicked on the malicious attachments, modified legitimate software was discreetly installed on the computer so that criminals could connect to it and examine documents and software related to procurement, financial and accounting operations. Furthermore, the attackers were looking for different ways to commit financial fraud, such as changing details in payment bills in order to withdraw money for their benefit.

They also uploaded additional software to give themselves extra capabilities. This included spyware, additional remote administration tools that extend the control of attackers on infected systems and malware to exploit vulnerabilities in the operating system, as well as the Mimikatz tool that allows users to obtain data from Windows accounts.

"The attackers demonstrated a clear interest in targeting industrial companies in Russia," says Vyacheslav Kopeytsev, security expert at Kaspersky Lab. "Based on our experiences, this is likely to be due to the fact that their level of cybersecurity awareness is not as high as it is in other markets, such as financial services. That makes industrial companies a lucrative target for cybercriminals -- not only in Russia, but across the world."

You can find out more about the attacks on the Kaspersky blog.

Image Credit: Maksim Kabakou / Shutterstock

1 Comment

One Response to Spear phishing attack hits more than 400 industrial companies

Got News? Contact Us

Recent Headlines

The stunning Windows 13 -- yes, 13! -- is the Microsoft operating system we want

Microsoft tries to calm fears after Edge update also appeared to install Copilot in Windows Server

MenteeBot is an AI-powered humanoid robot coming to your home and workplace in 2025

CISOs not changing priorities in response to AI threats

80 percent of companies don't have sufficient cyber insurance

Get 'Windows Server 2022 & PowerShell All-in-One For Dummies' (worth $30) for FREE

Cybercriminals take aim at ERP apps

Most Commented Stories

Say goodbye to Microsoft Windows 11 and hello to Nitrux Linux 3.4.0 'pl'

60 Comments

Windows 11 slammed for its 'comically bad' performance even on high-end hardware

18 Comments

Outrageous: Microsoft to charge $61 for Windows 10 updates -- consider switching to Linux!

17 Comments

Microsoft is up to its old tricks yet again -- Windows 10 users harassed with full-screen Windows 11 upgrade warnings

16 Comments

Microsoft 'improves' Windows 11 by bringing ads to the Start menu in the US

15 Comments

Easter giveaway! Get a licensed copy of 'VideoProc Converter for Windows/Mac' (worth $78.90) for FREE

10 Comments

EndeavourOS ARM discontinued: A huge loss for the Linux community

9 Comments

Install the KB5035942 update for Windows 11 to gain all of the Moment 5 features right now

8 Comments

© 1998-2024 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.