What you need to know
- Phishers are at it again, distributing data theft Trojans.
- Microsoft has been following their activities.
- Microsoft Security Intelligence released findings on Twitter.
Today in predictable cybercrime, there's a campaign going on wherein phishers are targeting people in the travel and aerospace industries with malicious emails containing loaders that pave the way for remote access Trojans (RATs) to steal data. Microsoft Security Intelligence exposed the whole operation over on Twitter.
In the past few months, Microsoft has been tracking a dynamic campaign targeting the aerospace and travel sectors with spear-phishing emails that distribute an actively developed loader, which then delivers RevengeRAT or AsyncRAT. pic.twitter.com/aeMfUUoVvfIn the past few months, Microsoft has been tracking a dynamic campaign targeting the aerospace and travel sectors with spear-phishing emails that distribute an actively developed loader, which then delivers RevengeRAT or AsyncRAT. pic.twitter.com/aeMfUUoVvf— Microsoft Security Intelligence (@MsftSecIntel) May 11, 2021May 11, 2021
It's a classic phishing scheme: The bad actor pretends to be a legitimate organization or individual and whips up a very, very convincing email to enhance the legitimacy of the act. That email contains an attachment disguised as a PDF. The second it's clicked, the RAT — in this specific campaign's case, RevengeRAT or AsyncRAT — then gets to work on stealing your data.
What data will it go after? Screenshots, credentials, browser data, network info, and even webcam data. Has your webcam seen anything lately you wouldn't be proud of certain eyes stealing a look at? Then beware.
As mentioned, this campaign is targeting two massive industries at an organizational level rather than individuals. However, individuals make up said organizations, so if you happen to work in the travel or aerospace sectors, you might be one of the people targeted by these annoying phishing attacks. Watch out for bad folks posing as good folks, always triple-check that attachments are what they claim to be, and stay safe out there.
Get the Windows Central Newsletter
All the latest news, reviews, and guides for Windows and Xbox diehards.
Robert Carnevale is the News Editor for Windows Central. He's a big fan of Kinect (it lives on in his heart), Sonic the Hedgehog, and the legendary intersection of those two titans, Sonic Free Riders. He is the author of Cold War 2395. Have a useful tip? Send it to firstname.lastname@example.org.