Cybercriminals are targeting trucking and logistics companies to steal cargo freight through elaborate attack chains. They compromise companies and use their access to bid on cargo shipments, which they then steal and sell. The threat actors typically deliver remote monitoring and management (RMM) tools as a first-stage payload. This cyber-enabled theft is part of a multi-million-dollar criminal enterprise that has increased due to digital transformation. The attackers use tactics such as compromising load boards, email thread hijacking, and direct targeting via email campaigns. They deliver RMM tools like ScreenConnect, SimpleHelp, and PDQ Connect, which grant full control of compromised machines. The activity has been observed since at least June 2025, with nearly two dozen campaigns in the last two months alone.

Author: AlienVault

Related Tags:
trucking
cargo theft
LogMeIn Resolve
N-able
PDQ Connect
Fleetdeck
Danabot
T1588.002
stealc
Associated Indicators:


