A cyber espionage operation used fake job offers, sent via LinkedIn messages, to target employees at aerospace and military companies in Europe and the Middle East late last year, researchers from ESET have reported.
The highly targeted campaign — dubbed Operation In(ter)ception (an allusion to one malware sample’s file name) — took place from September to December 2019, according to a company blog post and corresponding white paper by ESET researchers Dominik Breitenbacher and Kaspars Osis. Its primarily purpose was data gathering and exfiltration via a custom build of dbxcli, an open-source command-line client for Dropbox. However, researchers observed at least one case where the attackers launched a Business Email Compromise scam against one victimized company’s business partner.
To trick prospective victims, the attackers created fraudulent LinkedIn accounts impersonating human resources or hiring managers from various aerospace and defense companies, including Collins Aerospace and General Dynamic, ESET explains. Then they used LinkedIn’s messaging feature to reach out to targeted employees and offer an employment opportunity, in hopes of getting them to open a mal ..
Support the originator by clicking the read the rest link below.
