
Palo Alto Networks: Sofacy Hacking Group’s Phishing Scam Targets US Govt Sector


A threat intelligence team at Palo Alto Networks has found that a cyber espionage group has launched a new spear phishing attack against the U.S. government.

The company said Tuesday its Unit 42 discovered that the Sofacy threat group, also called APT28, used a compromised email account linked to a foreign affairs ministry of another country to send a spear phishing email against a U.S. government agency on May 28.

According to Unit 42, the email contained the Carberp variant of the Sofacy Trojan and used a persistence mechanism that had not been identified in previous attacks.

The persistence method helps cyber threat actors evade detection by requiring a user to open a Microsoft Office application before the malicious payload is loaded and executed, with an RTF file used as the delivery document, according to Palo Alto Networks.

The RTF file was sent as an attachment to the spear-phishing email and established a registry key as a method to run the Trojan for persistence purposes, Unit 42 said.

The threat intelligence team said the email was titled “FW: Exercise Noble Partner 2016,” which refers to a joint NATO training exercise between the U.S. and Georgia.


Written by Jane Edwards

Jane Edwards is a staff writer at Executive Mosaic, where she writes for ExecutiveBiz about IT modernization, cybersecurity, space procurement and industry leaders’ perspectives on government technology trends.
