Nation-State Espionage Campaigns towards Middle East Protection Contractors

Report on espionage attacks making use of LinkedIn as a vector for malware, with information and screenshots. They speak about “a number of hints suggesting a attainable url” to the Lazarus team (aka North Korea), but that is by no implies definite.

As aspect of the preliminary compromise section, the Operation In(ter)ception attackers experienced designed phony LinkedIn accounts posing as HR representatives of perfectly-recognised providers in the aerospace and protection industries. In our investigation, we’ve observed profiles impersonating Collins Aerospace (previously Rockwell Collins) and Normal Dynamics, both big US corporations in the subject.

Comprehensive report.

Tags: attribution, cyberespionage, espionage, impersonation, LinkedIn, malware, reports

Posted on June 23, 2020 at 6:22 AM

8 Feedback

Sidebar photograph of Bruce Schneier by Joe MacInnis.