Phishing Emails Distributed to Singaporean Companies

Jun 21 2024

Recent phishing email cases targeting Singaporean companies over the past month are as follows. The targeted companies include those in the manufacturing and media sectors. These phishing emails typically encourage recipients to execute attached malware files or click on URLs. This process can lead to the theft of user information, and through the stolen information, critical secondary damages such as unauthorized access to victim company systems can occur. Please take special caution by referring to these dissemination cases.

Case 1. Phishing email, disguised as the Singapore Chemical Industry Council (SCIC), targeting employees of a Singaporean furniture manufacturing company

Disguise

– Invitation email for an event hosted by the Singapore Chemical Industry Council (SCIC)

How the phishing behavior is triggered

– Inducing execution of an EXE file within an attached compressed file

Post-infection impact

– Malware operation in the form of Formbook

– Connects to C2 and performs additional malicious activities based on the threat actor’s commands

– C2 : hxxp://www.byteffeder

Figure 1. Phishing email

Stay ahead of emerging threats with more actionable insights from AhnLab TIP, our next-generation threat intelligence platform.

Phishing Emails Distributed to Singaporean Companies

Case 1. Phishing email, disguised as the Singapore Chemical Industry Council (SCIC), targeting employees of a Singaporean furniture manufacturing company

CERT Report June 2024

Xctdoor Malware Used in Attacks Against Korean Companies (Andariel)

Case 1. Phishing email, disguised as the Singapore Chemical Industry Council (SCIC), targeting employees of a Singaporean furniture manufacturing company

Tags:

CERT Report June 2024

Xctdoor Malware Used in Attacks Against Korean Companies (Andariel)