Researchers at Menlo Labs have spotted and tracked a new campaign aimed at tricking employees of US and UK financial firms and banks into downloading Houdini malware.
It’s no surprise that cybercriminals are going where the money is – in this case, literally. A campaign that has been running since August of this year has been identified as seeking to compromise business endpoints using a combination of tactics:
The end goal of the attack was to install a remote access trojan (RAT) from the Houdini/jRAT malware family to take control of the endpoint, likely to gain access to internal financial applications.
As attackers use more and more sophisticated attacks like the one outlined above, it’s important to focus on the one part of the equation that hasn’t changed – the attack requires a user. Without someone falling for the scam, this attack is powerless.
Organizations that consistently put their users through Security Awareness Training have a better chance of avoiding falling victim to scams like this. With educated users completely aware of the tactics used by cybercriminals, what to look for, and how to spot a malicious email, the likelihood of them falling prey to an attack is significantly reduced.