The cyberattack earlier this year against Indian outsourcer Wipro, as well as several of its customers, is part of a much larger, multiyear phishing campaign that involves many more companies used as jumping off points, according to an analysis by the security firm RiskIQ.
The ultimate goal of the unknown group behind the campaign is not fully understood, but it appears that financial gain, especially through the manipulation of gift cards, is at least a major motivating factor.
The group – tentatively named “Cardshark” – behind the campaign prefers to use commercially available open source software as part of its attack and as a way to cover its tracks, RiskIQ researchers determined.
The group also uses PowerShell scripts to steal credentials and certificates, which has conducted previous analyses of various skimmer attacks.
With thanks to the Cyber Defence Alliance and BankInfoSecurity. The article is a review of the unknown group, their TTPS and campaigns and is here: https://www.bankinfosecurity.com/wipro-attack-tied-to-larger-phishing-campaign-analysis-a-12699
Find out how affordable cyber security awareness training is for your organisation. Get a quote now.