Airline Credential-Theft Takes Off in Widening Campaign


A two-year-old espionage campaign against the airline industry is ongoing, with AsyncRAT and other commodity remote-access trojans (RATs) helping those efforts take flight. The campaign can effectively be a bird strike to the business engine, so to speak, resulting in data theft, financial fraud or follow-on attacks, researchers said, who have uncovered new details about the perpetrators.

According to Tiago Pereira and Vitor Ventura at Cisco Talos, “Operation Layover” is likely the work of an unsophisticated threat actor based in Nigeria, which has been active on the cybercrime scene for at least six years in various campaigns against multiple sectors.

Read more…
Source: ThreatPost