Military Contractors the Latest Targets in a Series of Covert Cyberattacks Researchers Say
There's been a series of covert cyberattacks explicitly zeroing in on military and weapons contractor firms. Most notably, these ongoing attacks use '" spear-phishing" emails which work to commence what's known as a multi-stage infection process that deploys an unknown payload on these vulnerable devices.
The attacks have been referred to as STEEP#MAVERICK by Securonix, which also works to breach the supplier that works with the F-35 Lightning II fighter aircraft. Researchers share that "the attack started in late summer 2022, targeting at least two high-profile military contractor companies."
The phishing attacks function by sending an email that contains a ZIP archive attachment, which holds a shortcut file that "claims" to be a PDF document with the title of "Company & Benefits," which is the malware that is released into the remote server.
The part that makes these attacks standout is their modus operandi, which "is the incorporation of obfuscated code designed to thwart analysis, in addition to scanning for the presence of debugging software and halt the execution if the system language is set to Chinese or Russian."
Hungry for more? Join me each week, where I'll break down complex topics and dissect the latest news within the cybersecurity industry and blockchain ecosystem, simplifying the tech world.