Email security, Vulnerability Management, Threat Management

Russia-Ukraine war used in Mustang Panda attacks against European, APAC orgs

Organizations in Europe and the Asia Pacific are being targeted by Chinese state-sponsored hacking group Mustang Panda, also known as Earth Preta, HoneyMyte, Bronze President, Red Lich, and RedDelta with phishing lures related to the ongoing war between Russia and Ukraine, The Hacker News reports. Mustang Panda's latest campaign involves the delivery of phishing emails containing a decoy archive with a Microsoft Word file that uses DLL side-loading to trigger PlugX execution in memory, according to a report from BlackBerry. "Their attack chain remains consistent with the continued use of archive files, shortcut files, malicious loaders, and the use of the PlugX malware, although their delivery setup is usually customized per region/country to lure victims into executing their payloads in the hope of establishing persistence with the intent of espionage," said BlackBerry researcher Dmitry Bestuzhev, who added that there was no overlap between the attacks and those reported by Trend Micro last month.

Related

Lincoln Project loses $35K following BEC attack

U.S. political action committee Lincoln Project, which was formed in 2019 to counter former President Donald Trump's re-election bid, has been impacted by a business email compromise attack in February that resulted in the exfiltration of $35,000, reports The Record, a news site by cybersecurity firm Recorded Future.

US automaker subjected to FIN7 attack

BlackBerry researchers disclosed that a major U.S.-based multinational automaker had been targeted by the FIN7 hacking group in a spear-phishing attack late last year that sought to facilitate systems compromise with the Anunak malware, BleepingComputer reports.

Related Events

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.