While businesses focus on Business Email Compromise (BEC), ransomware, and commodity malware, a major cyber-threat is moving right under their radar: Advanced Persistent Threat (APT) actors.

A new report from cybersecurity researchers, Proofpoint argues multiple APT actors are specifically targeting SMBs, with goals ranging from cyber-espionage, to intellectual property (IP) theft, from disinformation campaigns, to outright destructive behavior. 

In some instances, APTs are also looking for money, especially when targeting blockchain firms and decentralized finance (DeFi) solutions.

Aligned interests

It’s also not uncommon for these APTs to have “aligned interests” with countries such as Russia, Iran, or North Korea, the researchers added. These groups are also quite formidable adversaries, the report claims. 

The researchers describe them as “skilled threat actors,” which are well-funded and with a clear goal in mind. Their modus operandi usually includes phishing. First, they would either impersonate, or take over, an SMB domain or email address, and then use it to send a malicious email to subsequent targets.  

If an APT compromised a web server hosting a domain, they’ll then use it to host, or deliver, malware to third-party targets. 

One such group is TA473, also known as Winter Vivern. This APT was observed targeting US and European government entities with phishing emails between November 2022 and February 2023. The group had used emails coming from either unpatched, or unsecure WordPress hosted domains, to target its victims. It also used unpatched Zimbra web mail servers to compromise government entity email accounts. 

When all is said and done, the APT phishing landscape is growing “increasingly complex”, the researchers are saying, adding that the threat actors are “avidly looking” to target vulnerable SMBs and regional MSPs.

Go to Source

Follow us on FacebookTwitter and InstagramWe are growing. Join our 6,000+ followers and us.

At TechRookies.com will strive to help turn Tech Rookies into Pros!

Want more articles click Here!

Deals on Homepage!

M1 Finance is a highly recommended brokerage start investing today here!

WeBull. LIMITED TIME OFFER: Get 3 free stocks valued up to $6300 by opening & funding a #Webull brokerage account! “>Get started >Thanks for visiting!

Subscribe to our newsletters. Here! On the homepage

Tech Rookies Music Here!

Disclaimer: I get commissions for purchases made through links in this post at no charge to you and thanks for supporting Tech Rookies.

Disclosure: Links contain affiliates. When you buy through one of our links we will receive a commission. This is at no cost to you. Thank you for supporting Teachrookies.com

Disclaimer: This article is for information purposes and should not be considered professional investment advice. It contains some forward-looking statements that should not be taken as indicators of future performance. Every investor has a different risk profile and goals. All investments have risks. Always do your own research or hire an expert before investing and trading.