Vendetta: A threat actor who has been active throughout 2020 is now posing as a top Taiwanese infectious disease official and attempting to steal sensitive data from Taiwanese users. Specially crafted spear-phishing emails were targeting employees at Taiwan’s Centers for Disease Control according to ElevenPaths, a cybersecurity unit of the Spanish telecommunications firm Telefonica. The campaign began in early May as the emails were warning victims to get tested for COVID-19. The emails had an attachment that contained a remote tool that was capable of stealing login credentials and hijacking the victim’s webcams. These tools are commonly used by attackers to steal intelligence from their targets. Based on who the emails targeted, the group was likely attempting to steal information about research done in Taiwan for COVID-19.
By Anthony Zampino Introduction Leading up to the most recent Russian invasion of Ukraine in