Kaspersky ICS CERT found a campaign targeting some Asian nations and using legitimate online services to spread malware. The campaign targets governments and industrial organisations, deploying malware hidden as tax documents delivered through phishing. The attack, named “SalmonSlalom”, utilised Chinese cloud services and other methods to evade detection. While not directly attributable to any particular group, the tactics suggest a Chinese-speaking threat is involved. Kaspersky recommended measures to prevent attacks, including two-factor authentication, regular updates, and deploying a SIEM system.
Operation SalmonSlalom: Kaspersky discovered a new attack targeting industrial organizations in APAC – ETCIO
Cybersecurity firm, Kaspersky has discovered a new cyber attack, dubbed ‘Operation SalmonSlalom’, targeting industrial organizations in the Asia-Pacific region.
