Global eyes will soon turn to the first global football tournament to be held in the Arab world, kicking off on November 20, but malicious actors have already kicked off World Cup-themed cyberattacks. Email security researchers from the Trellix Advanced Research Center have found attackers leveraging FIFA and football-based campaigns to target organizations in Arab countries. It is common practice for attackers to use important or popular events as part of their social engineering tactics, and in particular to target organizations related to the event.
The attacks, which go after trusted individuals in order to gain illegal access to the network, mainly target Arab countries, but the attackers are also infecting victims in certain other countries.
The attacks have been observed on a limited number of organizations, and the data breach occurred due to a virus exploiting the zero-day vulnerability, 0x00F4. The key point is that the attackers successfully exploited the zero-day vulnerability without getting any attention from Microsoft or other antivirus vendors. The attempt to exploit this zero-day vulnerability was first received by email security researchers from the Trellix Advanced Research Center, who informed Microsoft about their findings. Microsoft has confirmed the existence of the zero-day vulnerability and sent out a patch to Microsoft's partners so that it can be fixed for their end users. However, there is no update for Linux users, as the GNU/Linux platform has no fix or security updates available.
The zero-day was first recorded on a number of IoT devices such as routers, Internet routers, etc. It was observed on at least 2 Linux machines and an Android smartphone while they were infected with malware that leveraged one known as "Android/TrojanDownloader.Multi.Bekhacker", which was targeting organizations in Arab countries, specifically in Tunisia and Algeria.
Source: Email Cyberattacks on Arab Countries Rise in Lead to Global Football Tournament - AlienVault - Open Threat Exchange