Network Security, Phishing, Email security

US automaker subjected to FIN7 attack

A computer screen displays a digital alert of an email phishing threat, accompanied by a striking red warning sign.

BlackBerry researchers disclosed that a major U.S.-based multinational automaker had been targeted by the FIN7 hacking group in a spear-phishing attack late last year that sought to facilitate systems compromise with the Anunak malware, BleepingComputer reports.

Such an intrusion involved the deployment of spear-phishing emails aimed at the automaker's IT department employees that included links redirecting to a typosquatted version of a legitimate Advanced IP Scanner, which again redirected to a now-offline site that downloaded the weaponized installer, the report showed. Researchers noted that installer execution eventually resulted in the decryption of a file with the Anunak payload, which FIN7 has used alongside the Diceloader and PowerPlant malware tools.

While the attack had not successfully compromised other systems, organizations have been urged to bolster phishing attack defenses by universally adopting multi-factor authentication, more robust and unique passwords, updated software, advanced email filtering systems, and stronger employee training programs.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.