Security News > 2020 > May > Steganography Anchors Pinpoint Attacks on Industrial Targets
A targeted series of attacks on suppliers of equipment and software for industrial enterprises is playing out globally, researchers said, hinging on phishing and a steganography tactic to hide malware on public, legitimate image resources.
According to Kaspersky ICS CERT, the attacks seem bent on stealing Windows credentials in order to lay the groundwork for lateral movement inside a target network and follow-on activity.
"Notably, the text in the exception message depends on the language pack installed in the operating system. Apparently, the attackers prepare the malicious script specifically for victims from a particular country."
"The use of , combined with the pinpoint nature of the infections, indicates that these were targeted attacks," the researchers concluded.
"It is a matter of concern that attack victims include contractors of industrial enterprises. If the attackers are able to harvest the credentials of a contractor organization's employees, this can lead to a range of negative consequences, from the theft of sensitive data to attacks on industrial enterprises via remote administration tools used by the contractor."
News URL
https://threatpost.com/steganography-pinpoint-attacks-industrial-targets/156151/