MARINE CORPS AIR GROUND COMBAT CENTER TWENTYNINE PALMS, Calif. --
The malicious website masquerades as a website intended to help U.S. military veterans find a job. The users are prompted to download a desktop application intended to provide user access to job listings. When installing the fake desktop application, the software reports an installation failure to the user, and installs malware in the background. The software installs both a Remote access Tool (RAT) and a reconnaissance tool. The reconnaissance tool allows the attacker to retrieve information on the compromised system, and the RAT enables remote access for the attacker. The malicious group is likely to distribute links to the malicious site via phishing emails targeting personal email accounts.
All USMC personnel should remain vigilant when accessing unknown websites. Personnel should be particularly cautious of websites that cater to DoD personnel. This and other fake websites are often distributed via phishing emails with malicious embedded links. USMC personnel should avoid opening email links or downloading attachments from unknown senders. Forward all suspicious emails to firstname.lastname@example.org