Modernizing Authentication — What It Takes to Transform Secure Access
Seculert researchers recently came across a new targeted attack that leveraged spear phishing e-mails to infect Israeli companies and government organizations with the "Xtreme RAT" remote access Trojan (h/t The Register).
"To date, 15 machines have been compromised including ones belonging to the Civil Administration of Judea and Samaria," Seculert CTO and co-founder Aviv Raff wrote in a blog post detailing the attack. "This is especially disconcerting as the Administration is responsible for entry and work permits from the West Bank to Israel."
The phishing e-mails, which claimed to come from Israel's internal security service, the Shin Bet, contained malicious attachments disguised as PDFs. "Closer examination of the spear phishing e-mails revealed that the attackers are not native Hebrew speakers and most likely copied and altered incomplete text to create the subject of the e-mail," Raff wrote.
The malware gave the attackers remote access to the targeted networks. For these attacks, according to Raff, the command and control server was located in the United States.https://o1.qnsr.com/log/p.gif?;n=203;c=204634421;s=15939;x=7936;f=201702151714490;u=j;z=TIMESTAMP;a=20304455;e=i
Photo courtesy of Shutterstock.