Novel Email-Based Campaign Targets Bloomberg Clients with RATs


Attacks dubbed ‘Fajan’ by researchers are specifically targeted and appear to be testing various threat techniques to find ones with the greatest impact.

A new email-based campaign by an emerging threat actor aims to spread various remote access trojans (RATs) to a very specific group of targets who use Bloomberg’s industry-based services.

Cisco Talos Intelligence researchers discovered the campaign, dubbing it and its perpetrator “Fajan,” and asserting it is likely the work of one actor from an Arabic-speaking country.

Researchers have been tracking the email based campaign since Fajan first commenced activity in March, recovering a “relatively low volume” of samples that make it tricky to determine “whether the campaigns are carefully targeted or mass-spammed,” according to a report posted online Wednesday.

Read more…