Contact Contact Us

Stolen Pencil APT Campaign Targets Academic Institutions Since May

The Stolen Pencil APT campaign, which has links to North Korea, has been targeting academic institutions since at least May 2018. A huge number of victims have expertise in biomedical engineering. Targets receive spear phishing emails that direct them to a website with a lure document, where they are prompted to install a malicious Google Chrome extension. Once the attackers gain a foothold in the targeted networks, they use built-in Windows administration tools and existing commercial software to access compromised systems. As there is no evidence of data theft, the motivation of the campaign remains unclear.

[1] STOLEN PENCIL Campaign Targets Academia

Ensign InfoSecurity Singapore
30A Kallang Place
Singapore 339213

Tel: +65 6788 2882
Fax: +65 6788 3883