CyberNews Briefs

Espionage Group Hits U.S. Utilities with Sophisticated Spy Tool

According to researchers, the threat actor APT group known as TA410 has added a new tool to its arsenal, a modular remote-access trojan (RAT). Proofpoint researchers have connected the group to attacks on the United States’ utility sector, targeting Windows devices. The RAT is called FlowCloud and can access installed applications and control the keyboard, mouse, screen, files, services, and processes of an infected computer.

The RAT also has the ability to exfiltrate information. The RAT seems to be related to previous attacks in which the LookBack malware was delivered. Researchers state that the RAT was first discovered last summer as part of a spear-phishing campaign against utility providers. The phishing email advertised training and certification information and contained a portable executable attachment.

Read More: Espionage Group Hits U.S. Utilities with Sophisticated Spy Tool

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.