Operation “Space Race”: reaching the stars through professional Social Networks

Operation “Space Race”: reaching the stars through professional Social Networks

At the beginning of May 2020, Telsy analyzed some social-engineering based attacks against individuals operating in the aerospace and avionics sector performed through the popular professional social network LinkedIn.

According to our visibility, the targeted organizations are currently operating within the Italian territory and the targeted individuals are subjects of high professional profile in the aerospace research sector.

Adversary used a real-looking LinkedIn virtual identity impersonating an HR (Human Resource) recruiter of a satellite imagery company with which it contacted the targets via internal private messages, inviting them to download an attachment containing information about a fake job vacation.

Based on code similarities of analyzed pieces of malware, Telsy asserts, with a medium degree of confidence, that the reported event is to be linked with the threat actor known by community as Muddywater (aka Static Kitten, aka Mercury).

For questions, concerns or more information regarding the reported event, it’s possibile to refer to the email address threatint@telsy.com

Download the full PDF report by clicking on the icon below:

In addition, it’s possible to refer to our GitHub repository for text format Indicators of Compromise

Leave a Reply

Your email address will not be published. Required fields are marked *

Utilizzando il sito, accetti l'utilizzo dei cookie da parte nostra. maggiori informazioni

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.