Security News > 2020 > April > Weeks before US oil contract prices went negative, a spear-phishing crew went after oil firms. What did they get?

As American crude oil crashed on Monday, leading to the bizarre situation of a negative futures contract price, our attention was drawn to a spear-phishing campaign against organizations involved in global oil production.

A second, much smaller spear-phishing operation, impersonated a Philippines-based shipping company, targeted oil and gas companies in that country.

As supply outstrips demand, unwanted barrels of oil are piling up, forcing prices so low, some distributors are paying people to take them away.

"While the spear phishing attacks on oil and gas could be part of a business email compromise scam, the fact that it drops the Tesla Agent info-stealer suggests these campaigns could be more espionage focused," Bitdefender senior e-threat analyst Liviu Arsene told The Register.

"Threat actors that might have some stakes in oil and gas prices or developments may be responsible, especially when considering the niche targeted vertical and the ongoing oil crisis."

News URL

https://go.theregister.co.uk/feed/www.theregister.co.uk/2020/04/21/bitdefender_opec_attacks/