Group 74 Targets Cyber Conference Delegates In Malware Attack

Threat actors, Group 74, have targeted people attending the Cyber Conflict US Conference being held in Washington next month. They have distributed a flyer that delivers a VBA payload. Cleverly, the bad guys copied the text from the real flyer from the conference website and used that to craft their attack. While this isn’t a new technique it’s interesting that they are specifically focussing on security experts, presumably as a way of boosting their credibility in the hacker community.

While you’d think cybersecurity pros would be a hard target to hit, they are surprisingly trusting at their own events.

Earlier this year, Darren Kitchen and Shannon Morse from Hak5 revealed that they dropped 100 USB Rubber Duckys (USB devices that can be used to deliver malicious payloads to devices by exploiting weaknesses in the HID interface) at this year’s RSA Conference in San Francisco. Almost two-thirds were opened by unsuspecting conference delegates.

And, three years before, while I was at the RSA event during the revelation of the “goto fail” vulnerability in Apple’s TLS implementation, I was amazed at the number of people connecting their Macs to the conference wireless network before the patch was released.

While the report by Cisco Talos is interesting it points to a growing reality. Today’s threats actors aren’t indiscriminately targeting broad audiences. They are focussing their efforts on specific groups and exploiting weaknesses, such as a over-confidence, in order to delver malicious payloads.

As always, it is important tp remain vigilant, regardless of your working context.

The Cheapest NBN 50 Plans

Here are the cheapest plans available for Australia’s most popular NBN speed tier.

At Lifehacker, we independently select and write about stuff we love and think you'll like too. We have affiliate and advertising partnerships, which means we may collect a share of sales or other compensation from the links on this page. BTW – prices are accurate and items in stock at the time of posting.


Leave a Reply