Chinese(?) Cyberattack on Philippines

This innocuous-looking email:

[image: the phishing email, as published by F-Secure]

isn’t innocuous at all. Researchers at F-Secure have linked this email to a coordinated cyberattack against the Department of Justice of the Philippines, the organizers of the Asia-Pacific Economic Cooperation (APEC) Summit and a major international law firm. The attack methodology is the tried-and-true spearphishing attack. In this attack, the targeted person is tricked into installing a Remote Access Trojan (RAT), which connects back to the attacker’s command and control (C2) server and gives the attacker remote control of the victim’s machine.

In this attack (like all spearphishing attacks), the victim was the agent of the attacker. The attacker needed the victim to do three things, each of which overrides a control that would otherwise have stopped the attack: the message had to get past the reader, the attachment had to be opened, and the scripts inside it, which are disabled by default, had to be switched on. This email tricked the user into doing these three things:

  1. Open the email
  2. Open the attachment
  3. Enable scripts in the attachment

Why would the user do these things? Because the attacker deceived the victim.
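The third step is the one a mail gateway or endpoint can intervene at before the user is ever asked to decide: an attachment that needs scripts enabled in order to work can be flagged on arrival. The post does not say what format the attachment took, so the example below, added here and not part of the original post or of F-Secure’s analysis, assumes the common case of an OOXML (Office 2007 and later) document carrying a VBA project. It checks the zip container for the macro part and for its declared content type; the sample documents are constructed inside the code, not taken from the attack.

```python
import io
import zipfile

# Constructed sample attachments (not from the attack described above):
# a minimal OOXML-style container with and without an embedded VBA project.
# Real documents carry many more parts; only those a macro check cares
# about are included here.
VBA_CONTENT_TYPE = "application/vnd.ms-office.vbaProject"


def build_ooxml(with_macros: bool) -> bytes:
    """Build a minimal OOXML zip; with_macros adds word/vbaProject.bin."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        content_types = (
            '<?xml version="1.0"?>'
            '<Types xmlns="http://schemas.openxmlformats.org/package/2006/content-types">'
            '<Default Extension="xml" ContentType="application/xml"/>'
        )
        if with_macros:
            content_types += (
                '<Override PartName="/word/vbaProject.bin" '
                f'ContentType="{VBA_CONTENT_TYPE}"/>'
            )
            # Placeholder OLE2 header; a real vbaProject.bin is a compound file.
            z.writestr("word/vbaProject.bin", b"\xd0\xcf\x11\xe0" + b"\x00" * 16)
        content_types += "</Types>"
        z.writestr("[Content_Types].xml", content_types)
        z.writestr("word/document.xml", "<w:document/>")
    return buf.getvalue()


# Part names that only exist when a document carries VBA code.
MACRO_PART_NAMES = ("vbaproject.bin", "vbadata.xml")


def attachment_requires_enabling_scripts(data: bytes) -> bool:
    """Return True when an OOXML attachment contains a VBA project, i.e. a
    document that will ask the recipient to 'enable content' before its
    scripts run. Non-zip data (including legacy OLE2 .doc/.xls files, which
    need a different parser) is reported as False rather than guessed at."""
    if not data.startswith(b"PK"):
        return False
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as z:
            names = z.namelist()
            # 1. The macro storage itself, anywhere in the package.
            for name in names:
                if name.lower().rsplit("/", 1)[-1] in MACRO_PART_NAMES:
                    return True
            # 2. A declared VBA content type, even if the part is renamed.
            if "[Content_Types].xml" in names:
                ct = z.read("[Content_Types].xml").decode("utf-8", "replace")
                if VBA_CONTENT_TYPE in ct:
                    return True
    except zipfile.BadZipFile:
        return False
    return False


def triage_attachments(attachments: dict) -> list:
    """Given {filename: bytes} for one message, return the filenames that
    should be quarantined for review because they carry scripts."""
    return sorted(
        name for name, data in attachments.items()
        if attachment_requires_enabling_scripts(data)
    )


if __name__ == "__main__":
    # Constructed message: one benign document, one macro-bearing document.
    msg = {
        "agenda.docx": build_ooxml(with_macros=False),
        "invitation.docm": build_ooxml(with_macros=True),
    }
    print("quarantine:", triage_attachments(msg))
```

The check is deliberately structural rather than signature-based: it does not care what the VBA does, only that the document would prompt the user for the third step in the list above. Legacy binary Office formats and PDFs with embedded JavaScript need their own parsers and are out of scope for this snippet.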

