
Global Scale Phishing Attack Brings New Malware

May 20, 2021 | Blog

There’s an ongoing, global-scale phishing attack you should be aware of, even if your firm isn’t currently being targeted by it.

The attack is being tracked by Mandiant, who recently published a report about it. According to that report, the attack was planned in waves, hitting more than 50 different organizations spanning a broad range of industries.

These attacks happened on December 2nd, December 11th, and again on December 18th, 2020.

There are two things that make this attack particularly worrisome. First, Mandiant was unable to identify a specific threat actor behind it. As a result, they’re simply tracking the group as “UNC2529,” with the UNC identifier tagging the group as currently unknown and uncategorized.

Second, there’s obviously a high level of talent behind the attacks, which use highly targeted spear phishing techniques to deploy three different strains of malware never seen before. Even worse, the group has taken great pains to ensure that its malicious code lands on target systems undetected.

A spokesman for Mandiant had this to say about the attacks:

“The threat actor made extensive use of obfuscation and fileless malware to complicate detection to deliver a well coded and extensible backdoor.

“One interesting fact about the whole ecosystem is that only the downloader exists in the file system. The rest of the components are serialized in the registry database, which makes their detection somewhat harder, especially by file-based antivirus engines.

“Masquerading as the account executive, seven phishing emails were observed targeting the medical industry, high-tech electronics, automotive and military equipment manufacturers, and a cleared defense contractor with subject lines very specific to the products of the California-based electronics manufacturing company.”

The majority of the attacks have been focused on the United States. However, roughly a quarter of them have hit organizations in Europe, Asia and Africa, making it a truly global campaign. Stay vigilant. As yet, no clear picture has emerged regarding the ultimate aims and goals of this mystery group.
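
The quoted point that everything except the downloader is stored in the registry suggests a hunting check that file-based scanners do not perform: look for registry values holding a PE header or a large, high-entropy block of binary data. The Python script below is an added example, not code from Mandiant or from the original post; it scans a text registry export, and the key names, value names, and thresholds in it are assumptions chosen for illustration.

```python
import hashlib
import math
import re
from collections import Counter

KEY_RE = re.compile(r"^\[(.+)\]$")
# Binary-encoded values: "Name"=hex:aa,bb,... or "Name"=hex(7):...
VAL_RE = re.compile(r'^("(?:[^"\\]|\\.)*"|@)=hex(?:\([0-9a-f]+\))?:([0-9a-f,]*)$')

def entropy(data):
    """Shannon entropy in bits per byte (0.0 to 8.0)."""
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values()) if n else 0.0

def scan_reg_export(text, min_size=1024, min_entropy=7.0):
    """Return (key, value name, size, reason) for binary values that look like stored code."""
    text = re.sub(r"\\\r?\n\s*", "", text)  # join backslash-continued hex lines
    hits, key = [], None
    for line in map(str.strip, text.splitlines()):
        if m := KEY_RE.match(line):
            key = m.group(1)
        elif m := VAL_RE.match(line):
            name, data = m.group(1).strip('"'), bytes.fromhex(m.group(2).replace(",", ""))
            if data[:2] == b"MZ":
                hits.append((key, name, len(data), "PE header"))
            elif len(data) >= min_size and entropy(data) >= min_entropy:
                hits.append((key, name, len(data), "large high-entropy blob"))
    return hits

def reg_hex(name, data, per_line=25):
    """Format bytes as a wrapped binary value line, as a .reg export would."""
    pairs = [f"{b:02x}" for b in data]
    rows = [",".join(pairs[i:i + per_line]) for i in range(0, len(pairs), per_line)]
    return f'"{name}"=hex:' + ",\\\n  ".join(rows)

# Constructed sample export; key and value names are made up for illustration.
BLOB = b"".join(hashlib.sha256(bytes([i])).digest() for i in range(128))  # 4096 random-looking bytes
SAMPLE = "\n".join([
    "Windows Registry Editor Version 5.00",
    r"[HKEY_CURRENT_USER\Software\ExampleVendor\Settings]",
    '"Theme"="dark"',
    reg_hex("WindowPos", bytes(16)),      # small binary value: ignored
    reg_hex("Cache", bytes(4096)),        # large but all zeros: ignored
    r"[HKEY_CURRENT_USER\Software\ExampleVendor\State]",
    reg_hex("Data", BLOB),                # large and high entropy: flagged
])

if __name__ == "__main__":
    print(scan_reg_export(SAMPLE))
```

Files written by `reg export` are UTF-16, so decode them with `encoding="utf-16"` before passing the text in. Legitimate software also stores compressed or encrypted data in the registry, so treat hits as leads to review rather than verdicts.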
