Experts On Oil And Gas Targeted In Spear-Phishing Campaign

By ISBuzz Team
Writer, Information Security Buzz | Apr 22, 2020 06:16 am PST

Espionage hackers masquerading as a well-known Egyptian engineering contractor or a shipment company launched a sophisticated spear-phishing campaign targeting US-based oil and gas companies. What makes the campaign particularly eye-catching is the absence of the typos, broken grammar and other sloppiness typical of phishing emails.

Josh Smith, Security Analyst
April 22, 2020 2:19 pm

Malicious attackers are not above capitalizing on the coronavirus pandemic because the pandemic provides cybercriminals with the perfect pretext for their phishing emails. The targeting of US oil and gas companies should not come as a surprise, but rather a warning to other organizations. Phishing is a dangerous tactic and is widely used because of how easy it is for attackers to rinse and repeat, and it works time after time. All industries, especially those hit the hardest by the economic impact of the pandemic, should be overly cautious about any email that lands in their inbox.

Agent Tesla is the #1 analyzed malware right now. Agent Tesla is a spyware trojan that steals information from its victims, including keystrokes, user interactions and application data. The creators of the malware are constantly updating it with new modules—in fact, the creators recently added the ability to steal WiFi profiles in the latest variant. Our threat intelligence team has seen Agent Tesla samples come through as JavaScript attachments, in zip files, and as .exe files.

It is marketed on its website as a legitimate personal-use keylogger, and the creators go as far as to provide tech support and a dedicated Discord server.
