Targeted Trident cyber-attack against defence company

Targeted attacks occur when cybercriminals launch malware against a specific organisation, industry or government department. In recent years we’ve often seen these distributed in the form of booby-trapped Word documents or malformed Adobe PDF files.

Overnight we intercepted an attack against a firm working in the defence industry (which we will not name for obvious reasons). The emails carried a malicious PDF file claiming to be about the Trident D-5 missile, launched from nuclear submarines.

The emails we saw read as follows:

Subject: TRIDENT D-5 MISSILE TECHNICAL REPORT

Message body:
Dear all,

Attached Trident D-5 Missile Explosive Propellant Hazards.

(Please note that this summary does not discuss the conventional explosive material inside the Trident W76 and W88 nuclear warheads, which is an additional hazard.This previously unpublished report was prepared in support of our environmental lawsuit…

Read more in my article on the Naked Security website.

Found this article interesting? Follow Graham Cluley on Twitter or Mastodon to read more of the exclusive content we post.

Graham Cluley •   @gcluley

Graham Cluley is a veteran of the cybersecurity industry, having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent analyst, he regularly makes media appearances and is an international public speaker on the topic of cybersecurity, hackers, and online privacy. Follow him on Twitter, Mastodon, Bluesky, or drop him an email.