A new phishing campaign targets specific targets by trying to distribute various remote access Trojan (RAT) variants. According to Cisco Talos Intelligence researchers, this hacking campaign was identified as “Fajan” and could be being operated from an Arabic-speaking country.
Experts believe this campaign would have started in early March, starting with a commitment to “low-profile” targets to determine whether malware samples were properly distributed or some debugging process was needed.
Attacks begin in the form of emails specifically addressed to Bloomberg Industry Group customers. This company adds news content on platforms for various industries, such as law, taxes and accounting, and government, and sells them to its various customers.