"New 'LazyScripter' Hacking Group Targets Airlines"

Researchers at the cybersecurity firm Malwarebytes have discovered a new Advanced Persistent Threat (APT) group dubbed LazyScripter. The hacking group targets airlines that use the BSPLink financial settlement software made by the International Air Transport (IATA). LazyScripter's most recent attacks used phishing emails that mimic the IATA ONE ID, a contactless passenger processing tool. According to the researchers, the threat remained unnoticed for about two years. One of the group's earliest attacks targeted individuals seeking to immigrate to Canada. The toolset used by the group for its attacks has evolved over time. Their toolset has included Octopus remote access Trojans (RATs), Remcos RATs, PowerShell Empire, and more. This article continues to discuss the LazyScripter hacking group's targets, methods, and tools. 

Security Week reports "New 'LazyScripter' Hacking Group Targets Airlines"