Organizations across Israel have been targeted with phishing emails impersonating cybersecurity firm ESET to facilitate the delivery of wiper malware, Hackread reports.
Malicious emails warning of state-sponsored intrusions were sent to lure organizations' cybersecurity teams into downloading the fraudulent "ESET Unleashed program," which features several ESET DLLs and would enable file and data deletion upon execution, according to an analysis from cybersecurity researcher Kevin Beaumont.
While Beaumont noted that the attack indicated a successful compromise of ESET Israel's cybersecurity defenses, the cybersecurity company emphasized that it was its partner Comsecure that had been breached. "Based on our initial investigation, a limited malicious email campaign was blocked within ten minutes. ESET technology is blocking the threat and our customers are secure. ESET was not compromised and is working closely with its partner to further investigate and we continue to monitor the situation," said ESET.
While the identity of the attackers who may have infiltrated Comsecure's infrastructure remains uncertain, the intrusion is suspected to have been conducted by the pro-Palestine hacktivist operation Handala, which was previously reported by Trellix to be potentially associated with Iran.