Security News > 2021 > May > Worldwide phishing attacks deliver three new malware strains
A global-scale phishing campaign targeted worldwide organizations across an extensive array of industries with never-before-seen malware strains delivered via specially-tailored lures.
UNC2529, as Mandiant threat researchers track the "Uncategorized" threat group behind this campaign, has deployed three new malware strains onto the targets' computers using custom phishing lures.
"The threat actor made extensive use of obfuscation and fileless malware to complicate detection to deliver a well coded and extensible backdoor," Mandiant said.
UNC2529 used considerable infrastructure to pull off their attacks, with roughly 50 domains being used to deliver the phishing emails.
UNC2529's phishing campaign was not focused on a single industry vertical or a single region during the two waves of attacks.
Indicators of compromise, including malware hashes and domains used to deliver the phishing emails, are available at the end of Mandiant's report.
News URL
Related news
- How Phishing Attacks Adapt Quickly to Capitalize on Current Events (source)
- Google raps Iran's APT42 for raining down spear-phishing attacks (source)
- Xeon Sender Tool Exploits Cloud APIs for Large-Scale SMS Phishing Attacks (source)
- Cybercriminals exploit file sharing services to advance phishing attacks (source)
- CERT-UA Warns of New Vermin-Linked Phishing Attacks with PoW Bait (source)
- How AitM Phishing Attacks Bypass MFA and EDR—and How to Fight Back (source)
- Novel attack on Windows spotted in phishing campaign run from and targeting China (source)
- Hackers Use Fake GlobalProtect VPN Software in New WikiLoader Malware Attack (source)
- New Cross-Platform Malware KTLVdoor Discovered in Attack on Chinese Trading Firm (source)
- Chinese hackers use new data theft malware in govt attacks (source)