LookBack looks to shutdown US Utilities
The U.S. utilities sector is starting to see higher levels of spearphishing attacks using “LookBack” malware.
According to a security researcher, spear phishing email campaigns have been identified containing the malware initially targeting three major US utilities companies. The fraudulent emails impersonate a U.S.-based engineering licensing board, with emails originating from a threat actor-controlled domain.
The emails contain Microsoft Word attachments that use macros to install and run the LookBack malware. The malware specifically contains a remote access Trojan (RAT) module and a proxy mechanism used for command and control (C&C) communication. As soon as the attachment was opened, LookBack was initiated.
What to watch for:
Any email that contains attachments should receive hyper-vigilance and speculation. If you employ advanced email security, emails are scanned for malicious content and attachments but you shouldn’t leave that to chance.
July’s LookBack attacks on U.S. utilities have not been associated with a known actor, and no infrastructure or code overlaps were identified.
Download our infographic and learn how to identify a phishing scam when you see one.
Other Articles You Might Be Interested In:
You want to improve the processes of budgeting, forecasting, and fundraising for your nonprofit; however, you are having a hard time identifying problems and solutions. Data analytics can help. This type of business intelligence is already considered indispensable...read more
Your business is always looking to reduce costs. Looking at the information technology budget line items is headache-inducing. So much money spent in one area, and there’s so little you can do about it! But is that really true? IT expenses may not be as fixed as you...read more