Security researchers at Proofpoint have released a recent advisory that details how state-aligned threat groups have increased the volume of attacks targeting journalists. According to the research, the goal of the attacks is to steal data and credentials, as well as to track the journalists. The targeted phishing attacks can be linked to multiple different threat actors who, in other endeavors, have been focused on stealing credentials as well. The report outlines individual efforts by different advanced persistent threat groups as they attempt to hack journalists.
The hacking groups identified in the report are believed to be sponsored by the nations of China, North Korea, Iran, and Turkey. The attacks began in early 2021 and continue to affect journalists today. The APTs act independently of each other by share the same overall goals of cyber espionage. The threat actors often use tactics in which they pose as journalists themselves to obtain information. The theft of data is often centered around that of note to specific regimes and data surveillance. The phishing attacks continue to pose a huge threat to the journalism industry.
Read More: Journalists Emerge as Favored Attack Target for APTs