Panda Security has released “Operation Oil Tanker: The Phantom Menace”, a groundbreaking report that details a malicious and largely unknown targeted attack on oil tankers.
First discovered by Panda Security in January 2014, the ongoing attack on oil cargos began in August 2013 and is designed to steal information and credentials for defrauding oil brokers. Despite having been compromised by this cyber-attack, which Panda has dubbed “The Phantom Menace”, none of the dozens of affected companies have been willing to report the invasion and risk global attention for vulnerabilities in their IT security networks.
“The Phantom Menace” is one of the most unusual attacks that PandaLabs has ever discovered. No antivirus engine was able to detect it when first triggered, primarily because the attackers used legitimate tools in conjunction with a number of self-made scripts to avoid triggering the warnings that traditional AV software would raise. It was only discovered when a secretary opened a nonspecific attachment to an email – a type of file that Panda Security would later identify at ten different companies in the oil and gas maritime transportation sector.