Security News > 2024 > March > Hackers impersonate U.S. government agencies in BEC attacks
A gang of hackers specialized in business email compromise attacks and tracked as TA4903 has been impersonating various U.S. government entities to lure targets into opening malicious files carrying links to fake bidding processes.
According to Proofpoint, whose analysts have been tracking the campaign, the threat actors impersonate the U.S. Department of Transportation, the U.S. Department of Agriculture, and the U.S. Small Business Administration.
Recipients scanning the QR codes are redirected to phishing sites crafted to resemble the official portals from the impersonated U.S. government agencies.
The researchers noticed TA4903 shifting recently from spoofing U.S. government entities to impersonating small businesses, but it is unclear if the switch is temporary or a longer term change.
Hackers steal Windows NTLM authentication hashes in phishing attacks.
Hackers target FCC, crypto firms in advanced Okta phishing attacks.
News URL
Related news
- Russian hackers attack Western military mission using malicious drive (source)
- Hackers Abuse Russian Bulletproof Host Proton66 for Global Attacks and Malware Delivery (source)
- Hackers abuse Zoom remote control feature for crypto-theft attacks (source)
- DPRK Hackers Steal $137M from TRON Users in Single-Day Phishing Attack (source)
- Lazarus hackers breach six companies in watering hole attacks (source)
- Chinese Hackers Abuse IPv6 SLAAC for AitM Attacks via Spellbinder Lateral Movement Tool (source)
- Chinese hackers behind attacks targeting SAP NetWeaver servers (source)
- Hackers now testing ClickFix attacks against Linux targets (source)
- Hackers behind UK retail attacks now targeting US companies (source)
- Chinese Hackers Deploy MarsSnake Backdoor in Multi-Year Attack on Saudi Organization (source)