Monday, February 6, 2023
spot_img
HomeCyber Security BlogsLazyScripter Attackers Target Airlines Using Multiple RATs

LazyScripter Attackers Target Airlines Using Multiple RATs

Recently, the security researchers have discovered a previously unknown threat actor carrying out several nefarious activities with the help of multiple RATs. The unidentified actor came to be known as LazyScripter and has been active since 2018. Their prime target was the International Air Transport Association (IATA) and airlines.

This threat group has been targeting the International Air Transport Association (IATA) and airlines that are using the BSPLink software. Moreover, the victims looking to immigrate to Canada in search of jobs were also targeted by these attackers. The attackers have used KOCTOPUS loaders to deploy Octopus and Koadic to carry out phishing activities.

The threat actor has mostly used spam emails laden with archive or document files as an initial infection vector and multiple file types as its initial phishing lures. Both zip and document files included a variant of either KOCTOPUS or Empoder. In addition, they were observed to be dropping other RATs, such as LuminosityLink, Quasar, RMS, njRat, and Remcos, which are used by multiple hacking groups.

The use of multiple RATs and advanced tactics for nefarious activities indicates that this group is continuously making efforts to polish its tools and attack tactics. In addition, the use of freely available tools and malware shows how smartly this group is making use of commercially available tools, and the combination of all these strategies makes this group a very serious threat.

RELATED ARTICLES

LEAVE A REPLY

Please enter your comment!
Please enter your name here

- Advertisment -spot_img

Most Popular

Recent Comments

DigiSec Technologies | Digital Marketing agency in Melbourne on Buy your favourite Mobile on EMI
亚洲A∨精品无码一区二区观看 on Restaurant Scheduling 101 For Better Business Performance

Write For Us