Security News > 2021 > March > Cybercriminals Target Industrial Organizations in Information Theft Campaign
A mysterious cybercrime group apparently driven by profit has been targeting industrial organizations in Europe, Asia and North America as part of an information theft campaign.
The malware is delivered using spear phishing emails that purport to come from legitimate companies, including from within the victim organization itself and other companies that the victim might do business with.
While the hackers appear to be mainly interested in oil and gas supply chain industries in the Middle East, they have also been seen targeting other types of organizations in other regions.
In the APAC region, the threat group targeted an industrial process and factory automation firm, a construction materials manufacturer, and a transportation services company.
The list of organizations whose employees did install the threat actor's malware includes an aerospace company in India, and development company in South Korea, a services provider for the oil and gas industry in the UAE, a logistics and transportation company in the UAE, the national oil and gas company of Sri Lanka, an oil and gas company in China, and a petrochemical and textile firm in China.
Antivirus company Bitdefender also published a report last year to describe attacks on oil and gas organizations, and those attacks also involved the AgentTesla malware, but DeNexus does not believe they are related.