• For Enquiry
  • 847-868-9253
  • 847-868-9208
  • Home
  • Why Choose CIO Landing?
    • Our Team
    • Success Stories
    • ‘8 Things’ We Do Better
    • Partners & Certifications
    • Our Services
  • Industry Expertise
    • Manufacturing
    • Medical
    • Education
    • Financial Services
    • Non-Profit
    • Law Firms
  • IT Solutions
    • Co-Managed Service
    • Managed IT Services
    • IT Support
      • On Demand Services
      • Office Moves & Wiring
      • Security
    • Server Management
    • Backup & Disaster Recovery
    • Cloud Services
    • CIO & IT Consulting
    • Cybersecurity Services
    • VoIP
    • Managed Firewall
    • Microsoft 365
      • Microsoft 365 Plans
        • Small Business
        • Enterprise
        • Education
    • Hardware & Software Sales
    • Email & Spam Protection
  • Resources
    • Free Copy Of New Book
    • Blog
    • Newsletter
    • Video Tips
      • Video Tips Archive
    • Free Cloud Report
    • IT Buyers Guide
    • Cybersecurity Crisis Report
    • Network Audit
    • COVID 19 Resources
    • In The NEWS
    • Online Training
  • About Us
    • Our Mission
    • Leadership
    • Teams
    • Referral Program
    • Press Releases
      • CIO Landing: More Than Just an IT
      • Small businesses can have an IT department too
      • CIO Landing, Inc. has joined forces with Banc Certified Merchant Services (BCMS).
    • Affiliations
    • Careers
      • Job Descriptions
    • FAQs
    • Causes We Support
    • Privacy Policy
    • Terms & Conditions
  • Locations
    • Northfield, IL
    • Northbrook, IL
    • Chicago, IL
    • Miami, FL
  • Support
✕
Chrome Zero Day Exploit Gets Fixed With Latest Update
May 19, 2021
Many Mobile Devices Contain A Chip With A Security Risk
May 21, 2021

Global Scale Phishing Attack Brings New Malware

May 20, 2021

There’s an ongoing, global scale phishing attack you should be aware of, even if your firm isn’t currently being targeted by it.

The attack is being tracked by Mandiant, who recently published a report about it. According to that report, the attack was planned in waves, hitting more than 50 different organizations spanning a broad range of industries.

These attacks happened on December 2nd, December 11th, and again on December 18th, 2020.

There are two things that make this attack particularly worrisome. First, Mandiant was unable to identify a specific threat actor behind them. Due to that, they’re simply tracking the group as “UNC2529,” with the UNC identifier tagging the group as currently unknown and uncategorized.

Second is the fact that there’s obviously a high level of talent behind the attacks, as it uses highly targeted spear phishing techniques to deploy three different strains of malware never seen before. Even worse is the fact that the group has taken great pains to ensure that their malicious code lands on target systems undetected.

A spokesman for Mandiant had this to say about the attacks:

The threat actor made extensive use of obfuscation and fileless malware to complicate detection to deliver a well coded and extensible backdoor.

“One interesting fact about the whole ecosystem is that only the downloader exists in the file system. The rest of the components are serialized in the registry database, which makes their detection somewhat harder, especially by file-based antivirus engines.

Masquerading as the account executive, seven phishing emails were observed targeting the medical industry, high-tech electronics, automotive and military equipment manufacturers, and a cleared defense contractor with subject lines very specific to the products of the California-based electronics manufacturing company.”

The majority of the attacks have been focused on the United States. However, roughly a quarter of them have hit organizations in Europe, Asia and Africa, making it a truly global campaign. Stay vigilant. As yet, no clear picture has emerged regarding the ultimate aims and goals of this mystery group.

Share
38
taylor
taylor

Related posts

March 10, 2025

The Hidden Threat: How Gift Card Scams Are Targeting Businesses Like Yours

Read more
February 11, 2025

CIO Landing Named to CRN’s MSP 500 List for 2025—For the Third Year in a Row!

Read more
December 4, 2024

Unlocking the Power of Windows 11: Tips for Maximum Productivity

Read more
© 2025 All Rights Reserved | Powered by CIO Landing