Security News > 2024 > April > FIN7 targets American automaker’s IT staff in phishing attacks
The financially motivated threat actor FIN7 targeted a large U.S. car maker with spear-phishing emails for employees in the IT department to infect systems with the Anunak backdoor.
BlackBerry attributed the attacks to FIN7 with a high level of confidence based on the use of unique PowerShell scripts using the adversary's signature 'PowerTrash' obfuscated shellcode invoker, first seen in a 2022 campaign.
FIN7's attack started with spear-phishing emails targeting highly privileged employees in the IT department of a large U.S.-based car manufacturer.
FIN7 has been around since 2013 but only in the past few years switched to bigger targets and the typical final payload is ransomware.
MiTM phishing attack can let attackers unlock and steal a Tesla.
FBI warns of massive wave of road toll SMS phishing attacks.
News URL
Related news
- Phishing platform 'Lucid' behind wave of iOS, Android SMS attacks (source)
- iOS devices face twice the phishing attacks of Android (source)
- Windows NTLM hash leak flaw exploited in phishing attacks on governments (source)
- Three Reasons Why the Browser is Best for Stopping Phishing Attacks (source)
- Phishing detection is broken: Why most attacks feel like a zero day (source)
- DPRK Hackers Steal $137M from TRON Users in Single-Day Phishing Attack (source)
- Low-tech phishing attacks are gaining ground (source)
- MintsLoader Drops GhostWeaver via Phishing, ClickFix — Uses DGA, TLS for Stealth Attacks (source)
- Horabot Malware Targets 6 Latin American Nations Using Invoice-Themed Phishing Emails (source)
- Focused Phishing: Attack Targets Victims With Trusted Sites and Live Validation (source)