by Sean Gallagher, ars technica
More details of the cyberattack on multiple banks and media companies in South Korea on Wednesday have emerged, suggesting that at least part of the attack was launched through a phishing campaign against employees of the companies. According to a report from Trend Micro’s security lab, the “wiper” malware that struck at least six different companies was delivered disguised as a document in an e-mail. The attachment was first noticed by e-mail scanners on March 18, the day before the attack was triggered. The e-mail was purportedly from a bank; Trend Micro’s Deep Discovery threat scanning software recognized the message as coming from a host that had been used to distribute malware in the past.
Share on Facebook