Bitdefender researchers have discovered a highly targeted spearphising campaign that aimed the oil and gas stakeholders in the United States, Malaysia, Iran, South Africa, Oman, Saudi Arabia and United Arab Emirates.
Ahead of the 10th OPEC+ meeting, that took place on April 12, the oil prices were down more than 55% year-to-date, the Saudi Arabia-Russia oil price war intensified, and global demand plunged by coronavirus lockdowns. Plenty of reasons for cyber operatives to scoop out and find how specific countries plan to address the issues in the OPEC+ meeting and the aftermath.
The sinister spear phishing campaigns are specifically targeting Oil & Gas operations by impersonating a well-known Egyptian Engineering contractor and shipment company to drop dangerous Trojan spyware and marks the first sophisticated attack on the oil & gas sector using spearphishing and keylogging capabilities.
The spearphishing email impersonates Egypt’s state oil company, Engineering for Petroleum and Process Industries (Enppi) and claims to invite the recipient to submit a bid for equipment and materials, as part of a project (Rosetta Sharing Facilities Project) on behalf of a well-known gas company (Burullus). Investigators have analysed the profile of the affected victims and note the attack has circulated far and wide. Targets we’re identified in oil & gas, charcoal processing, hydraulic plants, manufacturing of raw materials, and shipping of large merchandise.