Security News > 2021 > June > Phishing uses Colonial Pipeline ransomware lures to infect victims
The recent ransomware attack on Colonial Pipeline inspired a threat actor to create a new phishing lure to trick victims into downloading malicious files.
Threat actors did not lose much time after the Colonial Pipeline incident and used it as a theme in a new phishing campaign deployed a couple of weeks later.
The fake emails use the Colonial Pipeline attack as an example of the devastating consequences a ransomware incident can have on an organization.
INKY researchers say in a blog post today that the payload was Cobalt Strike, a threat emulation software developed for penetration testing purposes but often used by malicious actors, too, especially in the ransomware business.
Attackers in the phishing business are keeping an eye on the news to come up with relevant lures that would increase the success of their campaigns.
In this case, the highly publicized attack on Colonial Pipelines brought attention to the ransomware threat and its wider effect when hitting sensitive organizations.