Use of Common Malware in Operation Targeting Energy Sector Makes Attribution Difficult
2021-07-08 14:20

Researchers at cybersecurity firm Intezer have been monitoring a campaign that appears to be mainly aimed at the energy sector, but attribution to a known threat group is made difficult by the fact that the operation involves several common malware families.

The threat actor is attempting to deliver its malware using spear-phishing emails that are customized for the employees of each targeted organization.

While the operation appears to focus on the energy sector, the attackers have sent their malicious emails to organizations in several sectors, including energy, oil and gas, IT, manufacturing, and media.

Suppliers for the energy sector have also been targeted, which could indicate that these attacks are only the initial stage of a larger campaign.

"In the event of a successful breach, the attacker could use the compromised email account of the receipt to send spear phishing emails to companies that work with the supplier. Thus using the established reputation of the supplier to go after more targeted entities," Intezer said.

The campaign involves several widely used malware families, many of which have been around for years and are offered through a malware-as-a-service model.


News URL

http://feedproxy.google.com/~r/securityweek/~3/s5Cl1Yh94zQ/use-common-malware-operation-targeting-energy-sector-makes-attribution-difficult