Intel Name: Actor uses compromised accounts, customized social engineering to target transport and logistics firms with malware
Date of Scan: September 26, 2024
Impact: High
Summary: Proofpoint researchers are monitoring a series of activities aimed at transportation and logistics companies in North America, focusing on delivering various malware payloads.Significantly, this activity exploits compromised legitimate email accounts from transportation and shipping firms. Currently, it’s unclear how the actor gains access to these accounts. The actor injects malicious content into ongoing conversations in the inbox, making the messages appear legitimate. Proofpoint has identified at least 15 compromised email accounts involved in these campaigns.