10-03-2019 , 08:08 AM
Quote:Attackers are using an obfuscated version of Adwind Remote Access Trojan for stealing data, Netskope says.
An unknown threat actor is targeting companies in the US petroleum industry with a sophisticated data-stealing remote access Trojan (RAT) that previously had been used in attacks against retail and hospitality organizations.
Netskope says it observed a recent spike in alerts for the malware family — the Adwind RAT — among its customers operating within the petroleum industry.
The attacks appear to be originating from a domain belonging to Westnet, an Australian ISP. What's not clear is if the attacker is a Westnet customer or has compromised accounts belonging to Westnet customers and is using them to distribute Adwind, Netskope said in a report.
Source( full read)- https://www.darkreading.com/attacks-brea...id/1335966