{“lastseen”:”2025-11-06T20:05:08″,”description”:”There\u2019s a modern-day train heist happening across America, and this time, some of the bandana-masked robbers are sitting behind screens.\\n\\nAccording to new research, a group of cybercriminals has been attacking trucking, freight, and logistics companies for months, impersonating brands and even diverting real cargo shipments to unapproved locations so that the stolen goods can be sold or shipped elsewhere.\\n\\nThe impact, the researchers said, extends far beyond the logistics industry:\\n\\n\\u003e \u201cSuch crimes can create massive disruptions to supply chains and cost companies millions, with criminals stealing everything from energy drinks to electronics. The most targeted commodities are food and beverage products.\u201d\\n\\nAlthough the cyberattacks were mostly seen in North America, cargo theft is a problem across the world, impacting consumers and businesses that rely on the often-overlooked network of trucks, trains, ships, planes, and people.\\n\\nIn these attacks, cybercriminals compromise the accounts of carrier companies that transport goods from one location to the next. By posing as legitimate carriers, they can place real bids on shipments and then redirect them to unauthorized destinations, where they or their partners will receive and steal the cargo.\\n\\nResearchers found that attackers take control of these accounts in at least one of three ways.\\n\\n**1\\\\. Fake load boards**\\n\\nAttackers may post a fake order on what’s called a \u201cload board,\u201d a digital marketplace that connects shippers with carriers so that cargo can be assigned and accepted. But when legitimate carriers inquire about the fake load board posting, the criminals reply with an email that includes a malicious link that, when clicked, installs Remote Monitoring and Management (RMM) software. (To make the scam more convincing, the cybercriminals also compromise a \u201cbroker\u201d account so their load board posting looks legitimate.)\\n\\nDespite the sneaky install method, RMM software itself is entirely legitimate. It’s used by IT support teams to remotely fix issues for employees. But that legitimacy makes RMM software perfect for any cybercriminal campaign because it may raise fewer red flags from older antivirus tools.\\n\\nOnce the attackers gain access to a carrier\u2019s account, they can also deploy malware to steal account credentials, giving them greater access to a company\u2019s network.\\n\\n**2\\\\. Compromised email accounts**\\n\\nA second observed attack method involved hijacking an active email address and then impersonating the owner when responding to emails about cargo orders and shipments. Here, too, cybercriminals inserted malicious links into emails that eventually install RMM tools.\\n\\n**3\\\\. Social engineering**\\n\\nFinally, researchers also observed the attackers sending direct phishing emails to carriers, using classic social engineering tricks\u2014like sending a bogus bill to lure victims into clicking malicious links. \\n\\nWhile many of the well-tested security best practices still apply\u2014like not clicking on links inside emails\u2014one of the strongest defenses is to use a security product that notifies users about RMM tools (also sometimes referred to as Remote Desktop Programs) installed on their device. RMM tools are legitimate, but because of their abuses in cybercriminal campaigns, it is important that every installation is verified and tracked.\\n\\n* * *\\n\\n**We don\u2019t just report on threats\u2014we remove them**\\n\\nCybersecurity risks should never spread beyond a headline. Keep threats off your devices by downloading Malwarebytes today.”,”published”:”2025-11-06T19:39:44″,”modified”:”2025-11-06T19:39:44″,”type”:”malwarebytes”,”title”:”Hackers commit highway robbery, stealing cargo and goods”,”source”:””,”references”:””,”id”:”MALWAREBYTES:2F2708FA4E198DA5DC4F915EA53A956B”,”bulletinFamily”:”blog”,”cwe”:null,”cvelist”:[],”sourceData”:””,”sourceHref”:””,”cvss”:{“score”:0,”severity”:”NONE”,”vector”:”NONE”,”version”:”NONE”},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:”https:\/\/www.malwarebytes.com\/blog\/news\/2025\/11\/hackers-commit-highway-robbery-stealing-cargo-and-goods”,”category_name”:”News”,”post_link”:””,”product”:””,”version”:””,”vendor”:””,”ai_description”:””,”ai_severity”:””,”ai_vendor”:””,”ai_product”:””,”ai_version”:””,”ai_score”:0}<\/p>\n","protected":false},"excerpt":{"rendered":"
{“lastseen”:”2025-11-06T20:05:08″,”description”:”There\u2019s a modern-day train heist happening across America, and this time, some of the bandana-masked robbers are sitting behind screens.\\n\\nAccording to new research, a group…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[6,8,12,115,13,33,7,11,5],"class_list":["post-25019","post","type-post","status-publish","format-standard","hentry","category-category_news","tag-cve","tag-cvss","tag-exploit","tag-malwarebytes","tag-news","tag-none","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"\n