The campaign was discovered by experts from Kaspersky Lab who speculate the attackers are financially motivated.
Kaspersky Lab ICS CERT has identified a new wave of phishing emails with malicious attachments targeting primarily companies and organizations that are, in one way or another, associated with industrial production. reads the blog post published by Kaspersky.
According to the data available, the attackers main goal is to steal money from victim organizations accounts,
Once the attackers have gained access to the victims system they will search for any purchase documents, as well as the financial and accounting software. Then the crooks look for various ways in which they can monetize their effort, for example, by spoofing the bank details used to make payments.
According to Kaspersky, there was a spike in the number of spear phishing messages in November 2017 that targeted up to 400 industrial companies located in Russia.
The spear-phishing campaign is still ongoing, the messages purported to be invitations to tender from large industrial companies.
The quality of the phishing messages suggests the attackers have spent a sig...