Actor uses compromised accounts, customized social engineering to target transport and logistics firms with malware

Intel Name: Actor uses compromised accounts, customized social engineering to target transport and logistics firms with malware

Date of Scan: September 26, 2024

Impact: High

Summary:
Proofpoint researchers are monitoring a series of activities aimed at transportation and logistics companies in North America, focusing on delivering various malware payloads.Significantly, this activity exploits compromised legitimate email accounts from transportation and shipping firms. Currently, it’s unclear how the actor gains access to these accounts. The actor injects malicious content into ongoing conversations in the inbox, making the messages appear legitimate. Proofpoint has identified at least 15 compromised email accounts involved in these campaigns.

More Details