A sophisticated cyber campaign has been identified targeting individuals in Israel, specifically academics and journalists. The threat actor behind these efforts is known as APT42. These attacks rely heavily on phishing, a common but often effective technique used to gain unauthorized access.
What makes this campaign particularly concerning is the method of deception employed by APT42. They are actively impersonating trusted figures, specifically posing as cyber experts. By mimicking credibility, the attackers aim to trick recipients into clicking malicious links, downloading harmful attachments, or divulging sensitive information such as login credentials.
The selection of targets – academics and journalists – suggests a potential motive related to intelligence gathering or espionage. These professions often involve handling sensitive data, conducting research, and communicating with a wide range of sources, making them valuable targets for state-sponsored or highly organized groups. This highlights the ongoing threat posed by advanced persistent threats like APT42 and the importance of vigilance, particularly for individuals working in sectors that may be of strategic interest. Recognizing the signs of a phishing attempt and verifying the legitimacy of unsolicited communications remains a critical defense.
Source: https://securityaffairs.com/179372/apt/apt42-impersonates-cyber-professionals-to-phish-israeli-academics-and-journalists.html
