Hackers hijacked a government server to send malware to U.S. companies

Discussion in 'other security issues & news' started by hawki, Oct 11, 2017.

  1. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    3,087
    Location:
    DC Metro Area
    "Cybercriminals hijacked a government server to send sophisticated malware to U.S. companies

    A Eastern European hacking group hijacked U.S. state government servers to dispense malware through phishing emails that were designed to appear like they had come from the Securities and Exchange Commission, according to research by Cisco’s Talos team and an analysis by other cybersecurity experts familiar with the activity

    The technical findings connect a known advanced persistent threat (APT) group, codenamed FIN7 by U.S. cybersecurity firm FireEye, to a sophisticated intrusion technique that was detected in a recent wave of spoofed emails that mimicked the SEC’s domain. The messages carried malware-laden Microsoft Word documents mentioning financial disclosure information from the EDGAR system...

    Emails tied to this campaign were “highly targeted” and only sent to a small, select group of U.S. businesses in several different industry sectors, including finance, insurance and information technology, said Craig Williams, a senior researcher with Talos..."

    https://www.cyberscoop.com/cybercri...ver-send-sophisticated-malware-u-s-companies/
     
  2. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    5,140
    Location:
    U.S.A.
    Hackers Used Government Servers in DNSMessenger Attacks
    http://www.securityweek.com/hackers-used-government-servers-dnsmessenger-attacks
     
Loading...