Cyber-security experts say hackers in the Middle East are trying to infiltrate vital infrastructure companies, using booby-trapped spreadsheets that appear to list "the worst passwords" that are very popular with users.
Cyber-security company Dell SecureWorks has been tracking an espionage campaign focused on targets in the Middle East since May this year, according to a blog post published earlier this week.
Security researchers said they did not have enough evidence to point the finger at any known hacking group, but said the hackers could be linked to APT33 or APT34, which are believed to be working for the Iranian government.
The hackers have used techniques such as password guessing to break into victims' accounts. They then use the compromised accounts to send phishing emails with malicious attachments to other people in the same organization.
In one case in 2018, experts found the hackers using a spreadsheet that appeared to contain security tips, reminding people to use a powerful anti-virus and a password tool. The 'Worst 25 Passwords for 2017' spreadsheet contained malware, according to SecureWorks.
"It's a great way of hacking through social engineering where hackers take advantage of one of the best ways to persuade users to open files with security tips," said Wendy Nather, head of information security consultant at Cyber Security.