More U.S. Utility Firms Targeted in Evolving LookBack Spearphishing Campaign

A spearphishing campaign first uncovered in July is hitting more utilities firms and spreading the LookBack malware, which has capabilities to view system data and reboot machines. A spearphishing campaign, first spotted in July targeting three U.S. utility companies with a new malware variant, has evolved its tactics and extended its targeting to include nearly 20 companies. The campaign was first discovered in phishing emails, sent between July 19 and 25, which targeted utility companies with malicious attachments attempting to spread the new malware variant LookBack. The malware has capabilities to view system data and reboot machines. Researchers with Proofpoint have now identified a more recent wave of the campaign, taking place between Aug. 21 and 29, which targeted additional U.S. companies in the utilities sector.