Researchers with Proofpoint have updated their analysis of a recent spearphishing campaign going after US utility companies. The campaign was initially discovered in July of this year, when three firms were targeted with malicious phishing messages distributing a new kind of remote access trojan (RAT) dubbed LookBack. As it turns out, the attackers launched another campaign of this kind in late August.
The latest campaign also targeted utility companies, and relied on updated versions of the hacking tools used in previous attacks. Proofpoint now says that at least 17 utility companies have been targeted between April and August of this year. According to the report, “the threat actors demonstrate persistence when intrusion attempts have been foiled and appear to have been undeterred by publications describing their toolset.”
Read more: More US Utility Firms Targeted in Evolving LookBack Spearphishing Campaign