Malware Targeting Aerospace Industry Hacked
Adwind, AKA AlienSpy, Frutas, jFrutas, Unrecom, Sockrat, JSocket, jRat, has resurfaced. The cross-platform Remote Access Trojan is being used to target enterprises in the aerospace industry, especially in Switzerland, Austria, Ukraine, and the US.
Adwind is used to steal credentials, keylogging, taking pictures and screenshots, data gathering, and exfiltration of data. The attack uses social engineering tactics to trick victims into clicking on malicious links through span email. Much of these emails are impersonating the chair of the Mediterranean Yacht Broker Association (MYBA) Charter Committee.
Once infected, the malware also collects system’s fingerprints, along with the list of installed antivirus and firewall applications.
Return To Article
