Breach cyber

ESET

Aug 8, 2024 1 min read
ESET

In May 2024, significant phishing campaigns targeted SMBs in Central and Eastern European countries like Poland, Romania, and Italy, distributing malware families such as Agent Tesla, Formbook, and Remcos RAT. ESET researchers identified multiple waves of attacks exploiting compromised email accounts and company servers, resulting in over 21,000 users in Poland being impacted. Malicious emails were sent to businesses, with attachments containing ModiLoader for malware delivery. The sophistication of these campaigns indicates an increased cybersecurity threat level for SMBs, with data theft and system compromise as potential outcomes.

Source: https://securityaffairs.com/166380/cyber-crime/phishing-campaigns-target-smbs-poland.html

TPRM report: https://scoringcyber.rankiteo.com/company/eset

"id": "ese001080824",
"linkid": "eset",
"type": "Breach",
"date": "7/2024",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'customers_affected': 21000,
                        'location': ['Poland', 'Romania', 'Italy'],
                        'type': 'SMBs'}],
 'attack_vector': 'Phishing Emails',
 'date_detected': 'May 2024',
 'description': 'In May 2024, significant phishing campaigns targeted SMBs in '
                'Central and Eastern European countries like Poland, Romania, '
                'and Italy, distributing malware families such as Agent Tesla, '
                'Formbook, and Remcos RAT. ESET researchers identified '
                'multiple waves of attacks exploiting compromised email '
                'accounts and company servers, resulting in over 21,000 users '
                'in Poland being impacted. Malicious emails were sent to '
                'businesses, with attachments containing ModiLoader for '
                'malware delivery. The sophistication of these campaigns '
                'indicates an increased cybersecurity threat level for SMBs, '
                'with data theft and system compromise as potential outcomes.',
 'impact': {'data_compromised': 'Unknown',
            'systems_affected': 'Email Accounts and Company Servers'},
 'initial_access_broker': {'entry_point': 'Compromised Email Accounts'},
 'motivation': ['Data Theft', 'System Compromise'],
 'references': [{'source': 'ESET Researchers'}],
 'title': 'Phishing Campaigns Targeting SMBs in Central and Eastern Europe',
 'type': 'Phishing Campaign'}
Published by
Jeremy C
Jeremy C
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.