Sophisticated Phishing Campaign Targets Military and Weapons Contractors

September 29, 2022

INCIDENT

Security researchers have discovered a new campaign targeting multiple military contractors involved in weapon manufacturing, including an F-35 Lightning II fighter aircraft components supplier. The highly targeted attacks begin with a phishing email sent to employees, leading to a multi-stage infection involving many persistence and detection avoidance systems.The campaign stands out for its secure C2 infrastructure and multiple layers of obfuscation in the PowerShell stagers. The campaign stands out for its secure C2 infrastructure and multiple layers of obfuscation in the PowerShell stagers.

Incident Date

September 27, 2022

Location

Estimated Cost


No cost values disclosed.

Victims

No victims identified

Type of Malware

Threat Source

No threat source identified