![]() To trap the employees, the recruiters tell them that they are elites and a spot at Collins Aerospace is waiting for them. They send messages to employees associated with different aerospace and defense firms in Europe. LinkedIn users act as recruiters from Collins Aerospace, which is a subsidiary of Raytheon, and General Dynamics. The campaign, ESET researchers explained, starts with flattery. To operate under the radar, the attackers frequently recompiled their malware, abused native Windows utilities, and impersonated legitimate software and companies,” researchers wrote in their report. “They were highly targeted and relied on social engineering over LinkedIn and custom, multistage malware. This assumption is based on the fact that NukeSped was used by North Korean computer operators on Korean-speaking MacOS users previously. Moreover, researchers suspect that the Lazarus Group is backed by the North Korean government as it may need to fund its illegal missile and weapons programs. For instance, some of the malicious tools used by the hackers in this campaign are the same that Lazarus hackers had used in the past, for example, the NukeSped backdoor. The financial motivation of attackers and the way this campaign has been designed forced ESET researchers to believe that the notorious hacking group from North Korea know as Lazarus is involved. See: LinkedIn Phishing Scam Steals Gmail Credentials Through Google Docs ![]() However, it was observed in at least one of the incidents that the attackers tried to access the email account of the victim using a business email compromise (BEC) attack in the final stages of Operation In(ter)caption. ![]() ![]() T he campaigners attempt to lure company employees to extract money and/or sensitive documents.ĭubbed Operation In(ter)caption the campaign was active from September to December 2019, and espionage is declared the primary objective behind this campaign. The prime target of this campaign is officials from military and aerospace organizations.Ī new, highly sophisticated espionage campaign targeting military and aerospace organizations across Europe and the Middle East has been discovered by cybersecurity firm ESET’s researchers.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |