Security News > 2024 > April > FIN7 targets American automaker’s IT staff in phishing attacks
The financially motivated threat actor FIN7 targeted a large U.S. car maker with spear-phishing emails for employees in the IT department to infect systems with the Anunak backdoor.
BlackBerry attributed the attacks to FIN7 with a high level of confidence based on the use of unique PowerShell scripts using the adversary's signature 'PowerTrash' obfuscated shellcode invoker, first seen in a 2022 campaign.
FIN7's attack started with spear-phishing emails targeting highly privileged employees in the IT department of a large U.S.-based car manufacturer.
FIN7 has been around since 2013 but only in the past few years switched to bigger targets and the typical final payload is ransomware.
MiTM phishing attack can let attackers unlock and steal a Tesla.
FBI warns of massive wave of road toll SMS phishing attacks.
News URL
Related news
- How to Prevent Phishing Attacks with Multi-Factor Authentication (source)
- Microsoft: Hackers steal emails in device code phishing attacks (source)
- Darktrace: 96% of Phishing Attacks in 2024 Exploited Trusted Domains Including SharePoint & Zoom Docs (source)
- Phishing attack hides JavaScript using invisible Unicode trick (source)
- FatalRAT Phishing Attacks Target APAC Industries Using Chinese Cloud Services (source)
- Hackers Exploit AWS Misconfigurations to Launch Phishing Attacks via SES and WorkMail (source)
- YouTube warns of AI-generated video of its CEO used in phishing attacks (source)
- Ukrainian military targeted in new Signal spear-phishing attacks (source)