Information Security News mailing list archives

Hackers posed as Egyptian oil contractor in apparent spy campaign ahead of OPEC meeting


From: InfoSec News <alerts () infosecnews org>
Date: Wed, 22 Apr 2020 07:54:30 +0000 (UTC)

https://www.cyberscoop.com/agent-tesla-oil-company-opec-phishing/

By Jeff Stone
CYBERSCOOP
April 21, 2020

Hackers are trying to infect organizations throughout the world with a popular strain of malware by sending emails that appear to be from an Egyptian oil company.

In research published Tuesday, Romanian antivirus company BitDefender noted a surge in attempted phishing attacks that try to trick users into downloading malware by masquerading as Enppi, an oil company owned by the Egyptian government. The malware, known as Agent Tesla, is a spyware tool which enables hackers to monitor keystrokes, steal data about file downloads and collect username and password credentials from internet browsers, among other capabilities.

The number of attacks spiked in the weeks before the world’s top oil producers debated whether to cut output during a meeting between the OPEC+ alliance and the Group of 20 nations, which suggests interest in specific countries’ strategies around an international standoff that’s had ramifications for the global economy. BitDefender researchers said hackers used the tool against energy organizations in the U.S., Malaysia, Iran, South Africa, Oman, Turkey and elsewhere.

The company did not speculate on who may have been behind the espionage effort.

[...]
