U.S.-based supply chain-critical manufacturing organizations, including those involved in machinery, semiconductors, pharmaceuticals, biotechnology, and consumer goods, have been the primary targets of the MixShell in-memory malware as part of the sophisticated ZipLine social engineering campaign, which also sought to compromise similar entities in Switzerland, Japan, and Singapore, The Hacker News reports.
Attacks commence with the exploitation of targeted firms' public 'Contact Us' forms to lure employees into weeks-long correspondence involving the distribution of non-disclosure agreements before the delivery of malicious ZIP files, an analysis from Check Point Research revealed. The ZIP archives included a Windows LNK file that prompts the eventual deployment of the MixShell payload, which allows not only remote command execution, reverse proxying, and persistence but also further network compromise. "The ZipLine campaign is a wake-up call for every business that believes phishing is just about suspicious links in emails. Attackers are innovating faster than ever blending human psychology, trusted communication channels, and timely AI-themed lures," said Check Point Research Threat Intelligence Group Manager Sergey Shykevich, who recommended the adoption of AI-powered security systems and increased vigilance on possible threats.
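Because the delivery stage described above relies on a Windows LNK file inside a ZIP archive, a mail or file gateway can flag archives that carry shortcuts. The following is an added example, not code from Check Point Research or The Hacker News: it identifies shortcuts by the Shell Link header as well as by extension and looks inside nested archives. The function names, size and depth limits, and the sample archive are assumptions constructed for illustration.

```python
import io
import zipfile

# Shell Link header per MS-SHLLINK: HeaderSize 0x4C, then the LinkCLSID
# 00021401-0000-0000-C000-000000000046 in little-endian GUID layout.
LNK_MAGIC = bytes.fromhex("4c0000000114020000000000c000000000000046")
MAX_DEPTH = 3          # assumed limit on nested archives
MAX_MEMBER = 32 << 20  # assumed per-member inspection cap (32 MiB)

def find_lnk_members(data, depth=0, prefix=""):
    """Return [(path, reason)] for shortcut files inside ZIP bytes."""
    hits = []
    try:
        archive = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return hits
    with archive:
        for info in archive.infolist():
            if info.is_dir():
                continue
            path, body = prefix + info.filename, b""
            readable = not (info.flag_bits & 0x1) and info.file_size <= MAX_MEMBER
            if readable:  # encrypted or oversized members get the name check only
                try:
                    body = archive.read(info)
                except (zipfile.BadZipFile, NotImplementedError):
                    body = b""
            if body.startswith(LNK_MAGIC):
                hits.append((path, "lnk-header"))   # catches renamed shortcuts
            elif info.filename.lower().endswith(".lnk"):
                hits.append((path, "lnk-extension"))
            elif depth < MAX_DEPTH and body.startswith(b"PK\x03\x04"):
                hits += find_lnk_members(body, depth + 1, path + "!")
    return hits

def build_sample():
    """Constructed test archive; all names and contents are made up."""
    stub = LNK_MAGIC + bytes(56)  # 76-byte header stub, not a working shortcut
    inner = io.BytesIO()
    with zipfile.ZipFile(inner, "w") as z:
        z.writestr("scan.lnk", stub)
    outer = io.BytesIO()
    with zipfile.ZipFile(outer, "w", zipfile.ZIP_DEFLATED) as z:
        z.writestr("docs/agreement.pdf", b"%PDF-1.7 constructed")
        z.writestr("docs/readme.txt", stub)  # shortcut stored under a .txt name
        z.writestr("docs/Empty.LNK", b"")    # extension only, no header
        z.writestr("docs/extra.zip", inner.getvalue())
    return outer.getvalue()
```

Calling `find_lnk_members(build_sample())` returns the three shortcut entries and leaves the PDF unflagged; members that are encrypted or exceed the size cap are judged by file name alone.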