Authorities say scammers posed as tech support to hack employees at two US agencies last year | CNN Politics




Cybercriminals hacked employees of at least two US federal civilian agencies last year as part of a “widespread” fraud campaign that sought to steal money from individuals’ bank accounts, US cybersecurity officials said Wednesday.

In one case, unknown hackers posing as tech support persuaded a federal employee to call them and then directed the employee to visit a malicious website, according to an advisory from the US Cybersecurity and Infrastructure Security Agency, the National Security Agency, and a threat-sharing center for state and local governments known as MS-ISAC.

The goal of the scam, which appears to have affected both the private sector and government agencies, was to trick victims into sending money to the fraudsters. It was not clear whether this happened in the case of federal employees.

The episodes underscore how federal officials, like others, can be tricked into sharing sensitive financial information — and that they may not find out about it for weeks or even months.

CISA discovered the activity in October 2022, but the hackers had been sending phishing emails to personal and government email accounts of federal employees since at least June, according to the advisory.

The advisory said that forensic analysis “identified related activity” on several other federal networks in addition to the two initial agency victims.

While financially motivated crooks were clearly behind the campaign, US agencies said they were concerned that such hackers could sell stolen data to government-backed spies. Officials said the legitimate tech-support software used in the scam is useful to hackers who want to maintain long-term access to networks.