Security News > 2024 > March > Hackers impersonate U.S. government agencies in BEC attacks
A gang of hackers specialized in business email compromise attacks and tracked as TA4903 has been impersonating various U.S. government entities to lure targets into opening malicious files carrying links to fake bidding processes.
According to Proofpoint, whose analysts have been tracking the campaign, the threat actors impersonate the U.S. Department of Transportation, the U.S. Department of Agriculture, and the U.S. Small Business Administration.
Recipients scanning the QR codes are redirected to phishing sites crafted to resemble the official portals from the impersonated U.S. government agencies.
The researchers noticed TA4903 shifting recently from spoofing U.S. government entities to impersonating small businesses, but it is unclear if the switch is temporary or a longer term change.
Hackers steal Windows NTLM authentication hashes in phishing attacks.
Hackers target FCC, crypto firms in advanced Okta phishing attacks.
News URL
Related news
- Chinese State Hackers Target Tibetans with Supply Chain, Watering Hole Attacks (source)
- Hackers Exploiting Popular Document Publishing Sites for Phishing Attacks (source)
- Hackers Hijack GitHub Accounts in Supply Chain Attack Affecting Top-gg and Others (source)
- US sanctions APT31 hackers behind critical infrastructure attacks (source)
- Microsoft still unsure how hackers stole MSA key in 2023 Exchange attack (source)
- Hackers Deploy Python Backdoor in Palo Alto Zero-Day Attack (source)
- TA558 Hackers Weaponize Images for Wide-Scale Malware Attacks (source)
- Hackers hijack OpenMetadata apps in Kubernetes cryptomining attacks (source)