Aggressive social engineering campaign uncovered in Europe

[InfoSec News <alerts () infosecnews org>]

http://www.csoonline.com/article/739117/aggressive-social-engineering-campaign-uncovered-in-europe

By Steve Ragan
Staff Writer
CSO Online
September 04, 2013

Earlier this year, Symantec discovered an aggressive social engineering 
campaign targeting a limited set of multi-national firms in Europe. The attacks 
were by the book, employing classic techniques, eventually netting the 
criminals vast sums of stolen funds for their efforts.

In April, an administrative assistant working in a French-based multi-national 
firm got an email that referenced an invoice hosted in a filesharing service 
(such as Dropbox). A few moments later, a person posing as a senior executive 
within the same firm -- speaking flawless French -- spoke with authority and 
requested that she process the invoice referenced in the email.

"Over the last few months, we've seen hackers use more multi-staged social 
engineering attacks to penetrate various organizations. [This recent] attack is 
a prime example of how one such group used several principles of influence to 
get the target to take an action they shouldn't have," said Chris Hadnagy of 
Social-Engineer, Inc., in an email to CSO.

The administrative assistant processed the invoice without question, unaware 
that the file was actually a Remote Access Trojan (RAT) configured to 
communicate with a server in the Ukraine. Once installed, the attacker used the 
RAT to take control over the assistant's workstation, logging keystrokes, 
monitoring the desktop, and exfiltrating files for later examination.

[...]



--
Find the best InfoSec talent without breaking your
recruiting budget! Post a Job, $99 for 31 days.
Hot InfoSec Jobs - http://www.hotinfosecjobs.com/