Vietnamese Hackers Hit Digital Marketers With Info Stealers

Cybercrime groups in Vietnam are targeting the digital marketing sector in the United Kingdom, United States and India with multiple malware strains, including the widely used DarkGate information stealer, security researchers report.

See Also: Defending Against the Rising Tide of Fraud: Resilience Strategies for Businesses

Security firm WithSecure’s Detection and Response Team said it tracked multiple Vietnamese cybercrime groups running social engineering campaigns in September, designed to trick marketing professionals into downloading malicious files masquerading as job descriptions and salary details.

Schemes used by attackers included using fake job openings at Corsair, a computer memory and hardware manufacturer, to convince individuals to download a malicious file called Job Description of Corsair.docx. They also used job openings at Indian finance company Groww as bait in India.

The Vietnam-based groups likely purchased the information-stealing malware from cybercrime marketplaces and used them interchangeably when attacking specific sectors or groups, researchers said. The malware samples used in the campaigns included the well-known DarkGate info stealer, as well as Ducktail, Lobshot and Redline.

Researchers said attackers’ tactics and choice of malware overlapped heavily, making it difficult to attribute any given…