14 DAY TRIAL // Symantec experts warn European organizations of sophisticated social engineering attacks that have targeted at least 14 companies from France. While most of the impacted organizations appear to be from France, victims have also been spotted in Romania and Luxembourg.
According to Symantec, the attacks start with a phone call. The crooks call an employee, usually one that works with company finances, and ask him/her to process an invoice they're about to send via email.
The file attached to the email is not an invoice, but a variant of the Shadesrat Remote Access Trojan (RAT). Once it infects a device, the RAT allows the attacker to gain access to all sorts of sensitive information that can be used to access the company’s bank accounts.
The information gathered by the malware can also be useful for subsequent social engineering attacks.
The campaign is still ongoing, so organizations are advised to be extra cautious since it’s clear that these cybercriminals have done their homework.