Security News > 2021 > May > Worldwide phishing attacks deliver three new malware strains

A global phishing campaign targeted organizations worldwide across an extensive array of industries, delivering never-before-seen malware strains via specially tailored lures.
UNC2529, as Mandiant threat researchers track the "Uncategorized" threat group behind this campaign, has deployed three new malware strains onto the targets' computers using custom phishing lures.
"The threat actor made extensive use of obfuscation and fileless malware to complicate detection to deliver a well coded and extensible backdoor," Mandiant said.
UNC2529 used considerable infrastructure to pull off their attacks, with roughly 50 domains being used to deliver the phishing emails.
UNC2529's phishing campaign was not focused on a single industry vertical or a single region during the two waves of attacks.
Indicators of compromise, including malware hashes and domains used to deliver the phishing emails, are available at the end of Mandiant's report.