‘Anomalous’ Spyware Targets Industrial Companies

Several campaigns employing spyware have come to light, a new report shows. Researchers name these cyberattacks “Anomalous”. The threat actors’ targets are industrial enterprises and their final goal consists of email accounts credential theft, financial fraud, or even the reselling of this spyware to other hackers.

The ‘Anomalous’ Spyware Cyberattacks: More Details

Researchers from Kaspersky were the ones who published a report on this topic. Hackers leverage spyware tools that are ready-made, however, every variant is deployed for a limited and specific period of time. This technique helps threat actors remain undetected.

The commodity malware employed in these cyber-attacks includes:

AgentTesla/Origin Logger HawkEye Noon/Formbook Masslogger Snake Keylogger Azorult Lokibot

The experts referred to these attacks as “anomalous”, this conclusion being drawn out of the fact that they are characterized by a short-lived nature, which is not a common thing in this field. Hence, the spyware attacks under discussion have a lifespan of almost 25 days compared to usual campaigns extended over a period of months or even years.

The lifespan of the “anomalous” attacks is limited to about 25 days. And at the same time, the number of attacked computers is less than 100, of which 40-45% are

Read More: https://heimdalsecurity.com/blog/anomalous-spyware-targets-industrial-firms/