Security News > 2024 > March > Hackers impersonate U.S. government agencies in BEC attacks
A gang of hackers specialized in business email compromise attacks and tracked as TA4903 has been impersonating various U.S. government entities to lure targets into opening malicious files carrying links to fake bidding processes.
According to Proofpoint, whose analysts have been tracking the campaign, the threat actors impersonate the U.S. Department of Transportation, the U.S. Department of Agriculture, and the U.S. Small Business Administration.
Recipients scanning the QR codes are redirected to phishing sites crafted to resemble the official portals from the impersonated U.S. government agencies.
The researchers noticed TA4903 shifting recently from spoofing U.S. government entities to impersonating small businesses, but it is unclear if the switch is temporary or a longer term change.
Hackers steal Windows NTLM authentication hashes in phishing attacks.
Hackers target FCC, crypto firms in advanced Okta phishing attacks.
News URL
Related news
- Chinese hackers targeted sanctions office in Treasury attack (source)
- Hackers exploit critical Aviatrix Controller RCE flaw in attacks (source)
- Hackers use FastHTTP in new high-speed Microsoft 365 password attacks (source)
- Google says hackers abuse Gemini AI to empower their attacks (source)
- Hacker pleads guilty to SIM swap attack on US SEC X account (source)
- whoAMI attacks give hackers code execution on Amazon EC2 instances (source)
- Microsoft: Hackers steal emails in device code phishing attacks (source)
- Chinese Hackers Exploit MAVInject.exe to Evade Detection in Targeted Cyber Attacks (source)