One Article Review

Home - The article:
Source CSO
Identifier 8149728
Publication date 2022-11-21 07:02:00 (seen: 2022-11-21 16:05:47)
Title Luna Moth callback phishing campaign leverages extortion without malware
Text Palo Alto's Unit 42 has investigated several incidents linked to the Luna Moth group callback phishing extortion campaign targeting businesses in multiple sectors, including legal and retail. The analysis discovered that the threat actors behind the campaign leverage extortion without malware-based encryption, have significantly invested in call centers and infrastructure unique to attack targets, and are evolving their tactics over time. Unit 42 stated that the campaign has cost victims hundreds of thousands of dollars and is expanding in scope.

Luna Moth removes malware portion of phishing callback attack

Callback phishing – or telephone-oriented attack delivery (TOAD) – is a social engineering attack that requires a threat actor to interact with the target to accomplish their objectives. It is more resource intensive but less complex than script-based attacks and it tends to have a much higher success rate, Unit 42 wrote in a blog posting. Actors linked to the Conti ransomware group had success with this type of attack with the BazarCall campaign, which focused on tricking victims into downloading the BazarLoader malware. This malware element is synonymous with traditional callback phishing attacks. Interestingly, in this campaign, Luna Moth does away with the malware portion of the attack, instead using legitimate and trusted systems management tools to interact directly with a victim's computer to manually exfiltrate data for extortion. “As these tools are not malicious, they're not likely to be flagged by traditional antivirus products,” the researchers wrote.
Sent Yes
Tags Ransomware Malware Threat


The article does not appear to have been picked up after its publication.


The article does not appear to have been picked up from an earlier one.