A cyberespionage campaign targeted European Union officials with a fraudulent invitation to a purported wine tasting.
It’s an email that leaves a bad aftertaste in your mouth. European Union officials received a fake invitation to a wine tasting, reveals a report from cybersecurity firm Zscaler, published on February 27. The message contains malware, called “WineLoader” by cyber experts, responsible for infiltrating the PC.
The invitation was allegedly sent by the Indian embassy. The attackers carefully crafted the content of the email to pose as diplomatic agents. However, the email includes a malicious link which leads to a questionnaire to be completed in order to participate.
Particularly sophisticated malware
Overall, the hackers demonstrated a high level of sophistication in both crafting the social engineering campaign and the malware, the researchers said.
WineLoader has functions aimed specifically at evading detection. The techniques used include encrypting sensitive information in memory so as not to alarm scanning programs responsible for spotting threats. A backdoor into the victim’s system could be placed, to provide a secret and persistent entry for the benefit of attackers.
The email in question was opened inadvertently by several individuals. Zscaler states that its experts cannot currently attribute this operation to a known group of hackers. European Union agents are permanent targets of foreign powers who seek to spy on internal discussions and anticipate decisions from Brussels.
Do you want to know everything about the mobility of tomorrow, from electric cars to e-bikes? Subscribe now to our Watt Else newsletter!