• No, the government isn't fining you for a traffic offense it's m

    From TechnologyDaily@1337:1/100 to All on Thu Apr 4 16:30:05 2024
    No, the government isn't fining you for a traffic offense it's malware

    Date:
    Thu, 04 Apr 2024 16:17:28 +0000

    Description:
    A new campaign was observed targeting energy companies with an elaborate phishing email.

    FULL STORY ======================================================================

    No, your companys vehicle wasnt involved in a car crash, and youre not
    getting a five-figure fine for it from the government - its all an elaborate scheme to get you to install information-stealing malware on your computer, experts have warned.

    Cybersecurity researchers from the Cofense Intelligence Team recently published a new blog in which they detailed a new phishing campaign that reaches its targets at an alarming rate.

    In this campaign, the attackers are deploying a creative lure, and pairing it with multiple cloak-and-dagger methods to bypass email protection solutions. Furthermore, they are impersonating the Federal Bureau of Transportation to scare the victims into downloading and running the attachment. Open redirects and impersonation

    In the campaign, the unnamed attackers tell their victims that a company car was involved in an accident. The victims are mostly in the Oil and Gas
    sector, although Cofense isnt sure exactly why. They speculate that the attackers could pivot to other industries rather fast, and will probably do that soon.

    The phishing email comes with an embedded link that abuses open redirects, a vulnerability that allows an attacker to use a legitimate website as a stepping stone towards the malicious one. In this campaign, Google Maps and Google Images are being leveraged. The embedded link then redirects to a URL shortener, which then opens a site that hosts a PDF file.

    This file is seemingly from the Federal Bureau of Transportation, and
    mentions a possible fine of $30,000 for the incident. It also comes with a clickable image, which triggers the download of a .ZIP file which hosts the Rhadamanthys Stealer. As soon as the file is run, it establishes a connection to the command and control (C2) server, and grabs the victims login credentials, cryptocurrency wallet data, and other sensitive files.

    As usual, the best way to defend against these attacks is to use common sense and think twice before downloading and running email attachments. More from TechRadar Pro This devious malware will let hackers restore deleted cookies and hijack your Google account Here's a list of the best firewalls around today These are the best endpoint security tools right now



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/no-the-government-isnt-fining-you-for-a -traffic-offense-its-malware


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)