Spear Phishing Campaign Hits Dozens of Chemical, Defense Firms

Orome1 writes "Nearly 50 (and quite possibly more) companies in the chemical, defense, and other sectors have been hit with a spear phishing campaign carrying a backdoor Trojan with the ultimate goal of exfiltrating R&D and manufacturing information, revealed Symantec in a newly released report. The attacks against these companies started in late July 2011 and lasted until the middle of September 2011, but the attackers are thought to be the same ones who targeted human rights related NGOs and companies in the motor industry in May." Here's a link to the report itself (PDF).

Re:What is Spear Phishing ?

[cduffy]

It seems to me that a well edited summary of the story might give us an idea of what Spear Phishing is.. at least, why is it different than normal phishing?

Is it because it has a trojan? What? huh?

Spear phishing is different because it's highly targeted.

Happy to help.

Re:What is Spear Phishing ?

[HopefulIntern]

Which is why the term is so apt. Fishing is the act of throwing a line out waiting for something to bite (sending unsolicited emails to hundreds and thousands of people and hoping someone will "bite"). Spear fishing requires the identification of a single fish, in the shallow water, and pinning it with a spear. Hence, the precision metaphor.