"Yearlong Phishing Campaign Targets Energy Firms"
Researchers at cybersecurity company Intezer have discovered that a campaign that uses remote access Trojans and malware-as-a-service infrastructure for cyber espionage purposes has targeted large international energy companies for at least a year. The campaign uses spear-phishing emails to steal browser data and private information, including banking details. The campaign also is used for logging keyboard strokes of victims. The campaign uses malicious code such as Formbook and Agent Tesla, along with Loki, Snake Keylogger, and AZORult. The researchers stated that in addition to energy companies, the campaign also attacks the oil and gas, IT, manufacturing, and media sectors. Its targets are primarily based in South Korea but include companies in the U.S., the United Arab Emirates, and Germany as well, Intezer stated. While the researchers did not offer details on the number of companies affected by the attacks, they noted that 68% of the victims are in the oil, gas, and energy sectors, followed by 20% in construction, 8% in IT, and 4% in media.
DataBreachToday.com reports: "Yearlong Phishing Campaign Targets Energy Firms"