Oil and Gas Firms Targeted With Agent Tesla Spyware

[silversurfer]

Attackers are targeting energy companies with the Agent Tesla spyware, as seen in recent spearphishing emails with malicious attachments. Researchers say that until now, Agent Tesla has not been associated with campaigns targeting the oil-and-gas vertical.
 
The emails leverage the tumultuous nature of today’s oil and gas markets, which have been under tremendous stress in recent weeks, as the global COVID-19 pandemic lowered oil demand. At the same time, an agreement over oil production has been struck in a recent meeting between the OPEC+ alliance and the Group of 20 nations.
 
Attackers are taking advantage of the concerns around this crisis by impersonating a well-known Egyptian engineering contractor (Engineering for Petroleum and Process Industries, or Enppi), with experience in onshore and offshore projects in oil and gas, as well as a shipment company (Glory Shipping Marine Co. Ltd).

“Cybercriminals are often opportunistic and leverage popular media topics in spearphishing campaigns that usually target large numbers of victims,” said Liviu Arsene, cybersecurity researcher with Bitdefender, in a Tuesday analysis. “However, we recently found a campaign that seems to specifically target the oil & gas sector, based on a telemetry spike on March 31. Interestingly, the payload is a spyware trojan that packs keylogging capabilities, and has not been associated with oil and gas spearphishing campaigns in the past.”

Read more: https://threatpost.com/oil-and-gas-agent...re/154973/

[jasonX]

Attackers are targeting energy companies with the Agent Tesla spyware, as seen in recent spearphishing emails with malicious attachments. Researchers say that until now, Agent Tesla has not been associated with campaigns targeting the oil-and-gas vertical.
 
The emails leverage the tumultuous nature of today’s oil and gas markets, which have been under tremendous stress in recent weeks, as the global COVID-19 pandemic lowered oil demand. At the same time, an agreement over oil production has been struck in a recent meeting between the OPEC+ alliance and the Group of 20 nations.
 
Attackers are taking advantage of the concerns around this crisis by impersonating a well-known Egyptian engineering contractor (Engineering for Petroleum and Process Industries, or Enppi), with experience in onshore and offshore projects in oil and gas, as well as a shipment company (Glory Shipping Marine Co. Ltd).

“Cybercriminals are often opportunistic and leverage popular media topics in spearphishing campaigns that usually target large numbers of victims,” said Liviu Arsene, cybersecurity researcher with Bitdefender, in a Tuesday analysis. “However, we recently found a campaign that seems to specifically target the oil & gas sector, based on a telemetry spike on March 31. Interestingly, the payload is a spyware trojan that packs keylogging capabilities, and has not been associated with oil and gas spearphishing campaigns in the past.”

Read more: https://threatpost.com/oil-and-gas-agent...re/154973/

Bad people we get a lot of these nowadays...I hope that even for some kind of decency they will stop a bit. It is the common people who will more suffer especially that crude oil now is in a fix...

Thanks for the info there!