Security News > 2021 > July > Oil & Gas Targeted in Year-Long Cyber-Espionage Campaign
"In the event of a successful breach, the attacker could use the compromised email account of the recipient to send spear-phishing emails to companies that work with the supplier, thus using the established reputation of the supplier to go after more targeted entities."
To kick off the attack, the adversaries send emails tailored to employees at each company being targeted, researchers said.
The recipient email addresses range from generic addresses to specific people within companies, suggesting varying levels of reconnaissance work on targets.
"The emails are formatted to look like valid correspondence between two companies."
Each email has a malicious attachment with a seemingly complementary name related to the contents of the email body, according to Intezer.
The email references the real Dunkirk offshore wind farm project, which is run by a consortium made up of several companies, two of which are mentioned in the email.
News URL
https://threatpost.com/oil-gas-cyber-espionage-campaign/167639/
Related news
- Reminder: China-backed crews compromised 'multiple' US telcos in 'significant cyber espionage campaign' (source)
- FBI confirms China-linked cyber espionage involving breached telecom providers (source)
- Joint Advisory Warns of PRC-Backed Cyber Espionage Targeting Telecom Networks (source)
- Hackers Weaponize Visual Studio Code Remote Tunnels for Cyber Espionage (source)