"According to the researchers, the process often begins with a compromised account on a freight placement platform or a hijacked carrier email account. The attack is launched as soon as, for example, a carrier responds to a fake freight offer: the attacker sends a malicious link or file that installs an RMM tool. With that access, the criminal can pose as a trusted party, change bookings, block notifications, and even use planners' phones to communicate directly with brokers."
"The use of this type of tooling is striking. In the cases analyzed, software packages such as ScreenConnect, SimpleHelp, PDQ Connect, Fleetdeck, N-able, and LogMeIn Resolve were used. Proofpoint has determined with a high degree of certainty that organized crime is involved in this chain of attacks, aimed at stealing and then reselling or exporting goods. The logistics sector is an attractive target due to the physical value of cargo and the complex chain of parties involved."
Cybercriminals target transport and logistics by recruiting carriers and freight agents through seemingly trustworthy invitations, then installing Remote Monitoring and Management (RMM) tools on organizational systems. Attacks commonly begin with compromised freight placement accounts or hijacked carrier email accounts. When a carrier responds to a fake freight offer, attackers send malicious links or files that install RMM software. With access, attackers pose as trusted parties, change bookings, block notifications, and use planners' phones to communicate with brokers. Attackers use tools such as ScreenConnect, SimpleHelp, PDQ Connect, Fleetdeck, N-able, and LogMeIn Resolve. Organized crime groups use these chains to steal, resell, or export cargo worldwide.
Read at www.techzine.eu
Unable to calculate read time
Collection
[
|
...
]