An unknown threat actor is targeting companies in the US petroleum industry with a sophisticated data-stealing remote access Trojan (RAT) that previously had been used in attacks against retail and hospitality organizations.
Netskope says it observed a recent spike in alerts for the malware family — the Adwind RAT — among its customers operating within the petroleum industry.
The attacks appear to be originating from a domain belonging to Westnet, an Australian ISP.