LookBack looks to shutdown US Utilities
The U.S. utilities sector is starting to see higher levels of spearphishing attacks using “LookBack” malware.
According to a security researcher, spear phishing email campaigns have been identified containing the malware initially targeting three major US utilities companies. The fraudulent emails impersonate a U.S.-based engineering licensing board, with emails originating from a threat actor-controlled domain.
The emails contain Microsoft Word attachments that use macros to install and run the LookBack malware. The malware specifically contains a remote access Trojan (RAT) module and a proxy mechanism used for command and control (C&C) communication. As soon as the attachment was opened, LookBack was initiated.
What to watch for:
Any email that contains attachments should receive hyper-vigilance and speculation. If you employ advanced email security, emails are scanned for malicious content and attachments but you shouldn’t leave that to chance.
July’s LookBack attacks on U.S. utilities have not been associated with a known actor, and no infrastructure or code overlaps were identified.
Download our infographic and learn how to identify a phishing scam when you see one.
Other Articles You Might Be Interested In:
When running a business, information technology (IT) can be complex, time-consuming, and essential. However finding, hiring, and training qualified IT staff members has become more difficult than ever. With long hiring periods due to the specialization of the role,...
Information technology (IT) is a crucial component of any enterprise, as it touches every digital aspect of a company ranging from computer systems to payment processing. Various software tools and know-how are needed to keep IT architecture operational, whether using...
1423 Powhatan St
Alexandria, VA 22314
233 SW 3rd St
Ocala, FL 34471
N Laurel Park Dr Ste 441
Livonia, MI 48152
1924 Baltic Way #114
Ferndale, WA 98248