Colombian Metal And Energy Firms Targets Of New Trojan Campaign

ESET reported that Colombian Metal And Energy was targeted by a Remote Access Trojans (RATs) campaign.

ESET reported that Colombian Metal And Energy was targeted by a  Remote Access Trojans (RATs) campaign.

The campaign was called Operation Spalax and targeted the Colombian government and private sectors involved in energy and metallurgy.

ESET detected at least 24 IP addresses that were used in the attacks in the second half of 2020 which were used in phishing attacks that utilized Remcos, njRAT, and AsyncRAT.

The three trojans have functions for keylogging, screen capture, data exfiltration, and downloading additional malware and are commonly available on the dark web.

The phishing attack was reportedly delivered using court summons, bank account freeze warnings, and false notifications for mandated COVID-19 tests.

ESET, said they are not sure who conducted the attack but said it shared similarities with APTC36, also known as Blind Eagle.

Because the attackers used a DNS exploit, it made tracking them harder and signified that the attacks were evolving. 


© Fourth Estate® — All Rights Reserved.
This material may not be published, broadcast, rewritten or redistributed.