A hacking group has been using social engineering impersonation techniques in which they use at least two controlled personas on a single email thread to convince targets of the legitimacy of their campaign. A controlled persona is someone who is pretending to be someone else to convince the target of the legitimacy of a campaign.
In this new technique, the hackers hold a conversation between one another’s controlled personas by exchanging emails. The goal of this technique is to target a victim in email exchanges or conversations. The victim is made to think that they were included in the conversation accidentally. However, the objective is to get the victim’s attention by piquing their interest or curiosity on the subject at hand.
The hackers disclose information in a way that is meant to build interest or suspense so that the victim will want to find out more. After getting the victim’s attention, the criminals send malicious files as attachments to get the person to download them.
This technique is intriguing because it requires that multiple personas be created and used to lure a target victim. In many cases, the personas appearing in the email threads might appear to be well-known scientists or figures. In this case, hackers are refining their techniques to include social engineering, phishing, and impersonation.
One particularity of this specific attack is that it attempts to target people who are experts or are otherwise involved in certain areas, like geopolitical affairs or the scientific community.