Russian APT Group Thwarted in Attack on US Automotive Manufacturer

Published: 23/11/2024   Category: security




The group gained access to the victim network by duping IT employees with high administrative-access privileges.



Researchers this week shared details of an attack campaign by the infamous FIN7 threat group that targeted a large US-based global automotive manufacturer.
FIN7, a Russian advanced persistent threat (APT) group also known as Carbon Spider, ELBRUS, and Sangria Tempest, conducted a spear-phishing campaign in late 2023 that was spotted and ultimately halted by BlackBerry's threat and research team. The attackers identified IT employees with high admin-level rights and lured them in by impersonating an IP scanning tool with a malicious URL. Once the employees opened the link, the threat actor ran its Anunak backdoor, allowing them to gain an initial foothold utilizing living-off-the-land binaries, scripts, and libraries (LOLBAS), BlackBerry researchers said in a blog post detailing the attack.
BlackBerry said its threat and research team detected and disrupted the attack before FIN7 was able to launch the ransomware portion of the attack.
In the past, FIN7 has targeted US retail, hospitality, and restaurant sectors, though it is now branching out to defense, insurance, and transportation sectors. BlackBerry researchers believe that the threat group is now likely targeting larger entities, with the assumption that they will pay a higher ransom.
BlackBerry did not disclose the name of the targeted automotive manufacturer.
