Cybercriminals borrow from APT playbook in attack against PoS vendors
Cybercriminals are increasingly copying cyberespionage groups in using targeted attacks against their victims instead of large-scale, indiscriminate infection campaigns.
This change in tactics has been observed among those who launch attacks, as well as those who create and sell attack tools on the underground market.
A recent example of such behavior was seen in a cybercriminal attack against vendors of point-of-sale systems that researchers from RSA documented last week.
The attackers sent emails to specific vendors impersonating small businesses such as restaurants. This technique, known as spear-phishing, is typically associated with advanced persistent threats (APTs)—highly targeted, customized attacks whose goal is usually long-term cyberespionage.