STATE ACTORS: Fata Morgana - Watering hole attack on shipping & logistics websites
Syndicated By: Iain Fraser - Cybersecurity Journalist Gibraltar
24th. May 2023
Israeli Cybersecurity firm ClearSky Cyber Security has detected a "watering hole" attack on at least eight Israeli websites. The attack is highly likely to be orchestrated by a nation-state actor from Iran, with a low confidence specific attribution to Tortoiseshell (also called TA456 or Imperial Kitten).
The Infected sites collect preliminary user information through a script. We have discovered several details that suggest this script is used for malicious purposes.
In watering hole attacks, the attacker compromises a website that is frequently visited by a specific group of people, such as government officials, journalists, or corporate executives. Once compromised, the attacker can inject malicious code to the website which will be executed when users visit it.
Currently, the campaign focuses on shipping and logistics companies, aligning with Iran’s focus on the sector for the past three years. Learn More /...
About ClearSky
ClearSky cyber security provides cyber solutions, focused on threat intelligence services, mainly for the financial sector, critical infrastructure, public sector and the pharma sector. ClearSky focuses on creating a unique cyber suite to meet each client’s needs, ranging from threat intelligence, assessing and preparing the company for emerging threats, identifying possible threat actors targeting companies, Cyber TTX and developing a new defense layer to prevent, detect and mitigate Cyberattacks. Learn More /...
