SilverTerrier: The Business Email Compromise (BEC) threat group tracked by Palo Alto as SilverTerrier has used COVID-19 themed lures since January 2020. The group has also started targeting government healthcare agencies, regional utility entities, COVID-19 response organizations, and medical research facilities, showing little restraint in whom it targets with its scams. According to Palo Alto researchers, the SilverTerrier group alone averaged over 92,000 BEC attacks per month in 2019. BEC attacks are becoming more common among threat actors as a way to trick targets into initiating fraudulent wire transfers into accounts that the group runs through money mules. SilverTerrier is also known to include malicious tools in its emails: information stealers such as Agent Tesla, AzoRult, Lokibot, Pony, and PredatorPain, and Remote Access Trojans (RATs) such as Netwire, Darkcomet, Hworm, NanoCore, Remcos, ImminentMonitor, Adwind, Revenge, and WSHRat. With these tools, the threat actor can access and steal information from victims once it has compromised their network.