Worldwide phishing attacks deliver three new malware strains

A global phishing campaign targeted organizations worldwide, across an extensive array of industries, with never-before-seen malware strains delivered via specially tailored lures.
UNC2529, as Mandiant threat researchers track the "Uncategorized" threat group behind this campaign, has deployed three new malware strains onto the targets' computers using custom phishing lures.
"The threat actor made extensive use of obfuscation and fileless malware to complicate detection to deliver a well coded and extensible backdoor," Mandiant said.
UNC2529 used considerable infrastructure to pull off their attacks, with roughly 50 domains being used to deliver the phishing emails.
UNC2529's phishing campaign was not focused on a single industry vertical or a single region during the two waves of attacks.
Indicators of compromise, including malware hashes and domains used to deliver the phishing emails, are available at the end of Mandiant's report.