Researchers on FireEye's cybersecurity team recently announced that a phishing campaign by the UNC2529 hacking group swept across financial, medical, communications, and other organizations around the world in December. The campaign ran in two waves, used custom phishing lures, and spread three new malware strains: Doubledrag, Doubledrop, and Doubleback.
UNC2529 is an experienced hacking group that has targeted multiple industries in multiple regions. The group refined its attack types and vectors to make its emails look legitimate, increasing the chances that targeted victims would be tricked and their systems infected.
During this campaign, the attackers targeted 50 well-known organizations across a wide range of industries globally. The security team suspected that the group had created a set of malicious tools and had all the expertise and resources necessary to carry out such a large campaign.
The attackers in this phishing campaign mainly targeted organizations in the United States, Europe, the Middle East, Africa, Australia, and Asia. The researchers are still unaware of the true motives of the hackers behind this operation. However, they confirmed that the wide coverage across sectors and regions is consistent with the most common goals, such as those of financially motivated individuals.
By – Navya Swarup
Campus Ambassador, WCSF