Even Highly Skilled Cyber-Thieves Make Stupid Mistakes !![source: bleepingcomputer]
Cobalt, a highly-skilled group of hackers who target banks and financial institutions, may have committed a mistake and accidentally leaked a list of all their current targets, according to Yonathan Klijnsma, a security researcher with RiskIQ.
The error occurred in a spear-phishing campaign that took place last week, on November 21.
Group accidentally exposes a list of targets
Klijnsma says the group sent out a mass email, but instead of including the campaign’s targets in the email’s BCC field, they added their targets’ emails in the “To:” field.
By doing so, the Cobalt group let researchers know who they were targeting, giving cyber-security firms a chance to reach out to potential victims and warn them of the ongoing campaign.
According to Klijnsma, the group targeted the emails of employees at financial institutions all over the world, with most targets located in Russia and Turkey.
The spear-phishing email used a subject line of “Changes to the terms,” had no inline text, and only featured an RTF file claiming to hold changes to SWIFT, an inter-banking money transfer system.
The RTF file was boobytrapped to exploit CVE-2017-11882, a vulnerability in the Office equation editor component, and was part of a bigger campaign Bleeping Computer reported on last week.
For more, click here.