Targeting of U.S. utility companies
Date of report
  • August 2019
  • Unnamed state-sponsored APT
Between July 19 and July 25, 2019, a threat actor sent several spear-phishing emails to three U.S. companies in the utility sector. The emails were sent from a domain impersonating that of the National Council of Examiners for Engineering and Surveying, an authority in the industry. The emails contained Microsoft Word attachments that used macros to install and run a new remote-access Trojan (RAT) called LookBack.
Suspected victims
  • United States
Suspected state sponsor
  • Unknown
Type of incident
  • Espionage
Target category
  • Private sector