Dismiss this notice
ExpressVPN Valentines 2021 Giveaway - https://www.geeks.fyi/showthread.php?tid=14246

Dismiss this notice
Internet Download Manager Giveaway - https://www.geeks.fyi/showthread.php?tid=14245

Thread Rating:
  • 1 Vote(s) - 5 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Novel Email-Based Campaign Targets Bloomberg Clients with RATs
Quote:A new e-mail-based campaign by an emerging threat actor aims to spread various remote access trojans (RATs) to a very specific group of targets who use Bloomberg’s industry-based services.
Cisco Talos Intelligence researchers discovered the campaign, dubbing it and its perpetrator “Fajan” and asserting it is likely the work of one actor from an Arabic-speaking country.
Researchers have been tracking the e-mail based campaign since Fajan first commenced activity in March, recovering a “relatively low volume” of samples that make it tricky to determine “whether the campaigns are carefully targeted or mass-spammed,” according to a report posted online Wednesday.
Attacks start in the form of what look like targeted emails to clients of Bloomberg BNA, which has since been rebranded Bloomberg Industry Group. The wholly owned subsidiary of Bloomberg LLC aggregates news content in platforms for various industries such as law, tax and accounting, and government and sells them to clients.
“We believe this is the first time anyone’s documented Fajan’s operations in one place,” Cisco Talos researcher Vanja Svajcer wrote in the report.
The emails claim to contain an invoice for clients but instead include an attached Excel spreadsheet that contains macro code to either download the next infection stage or drop and run the final payload, which is always a Javascript- or VB-based RAT “that allows the attacker to take control over the infected system using HTTP over a non-standard TCP port,” he wrote.

Read more: Novel Email-Based Campaign Targets Bloomberg Clients with RATs | Threatpost
[-] The following 1 user Likes silversurfer's post:
  • harlan4096

Forum Jump:

Users browsing this thread: 1 Guest(s)
You have to register before you can post on our site.



Recent Posts
That high pitched noise you are hearing ...
Microsoft confi...harlan4096 — 12:43
Verizon: Pandemic Ushers in ⅓ More Cyber...
Thanks for just sh...silversurfer — 08:58
FIN7 Backdoor Masquerades as Ethical Hac...
The notorious FIN7...silversurfer — 08:50
Ransomware’s New Swindle: Triple Extorti...
Ransomware attacks...silversurfer — 08:48
Bitdefender 25.0.1...harlan4096 — 16:11

Today's Birthdays
avatar (40)mediumog
Upcoming Birthdays
avatar (23)jayc137
avatar (43)Jerrycix
avatar (35)awedoli
avatar (77)WinRARHowTo
avatar (34)axuben
avatar (35)ihijudu
avatar (44)contjrat
avatar (45)Mirzojap
avatar (31)idilysaju
avatar (35)GregoryRog
avatar (35)odukoromu
avatar (41)Joanna4589

Online Staff
There are no staff members currently online.