A new Phishing Campaign is stealing Passwords from Government organizations from North America, Asia, and Europe. After the discovery of this campaign, no one knows who has been running this project as of now.
Phishing Campaign Stealing Passwords from Governments
The campaign was discovered by a team of Cyber Security researchers at Anomali. This campaign has been stealing ids and Passwords in the United States, Canada, China, Australia, Sweden and more.
All attacks involve emails claiming to be targeted government agencies and all attempting to trick victims into clicking an email link asking for their username and password. This is one of the oldest tricks in the book that still has victims.
Saya Moore says, “It could be that the adversaries are trying to gain access to potential bidders to undercut the competition or to compromise government suppliers for more long term gain”
It is not clear what kind of group is behind the spoofed websites and related phishing campaigns, the domains are being hosted in Turkey and Romania. But, although it does not disclose who might be behind the attacks because the attackers were able to set up phishing sites from any county in the world and could use any country to host the domains.
After the finding of this group, the CERT of the affected countries has been notified with warnings issued to governments teaching employees basic Cyber Security Practices.