LogMeIn Remote Access Abused in Targeted System Compromise

A sophisticated cyberattack campaign has been uncovered, leveraging LogMeIn Resolve remote access software to gain unauthorized control over user systems.

Security researchers report that the attack begins with a convincingly crafted invoice-themed spam email, designed to trick recipients into opening a malicious PDF attachment.

This campaign highlights the ongoing threat of social engineering tactics and the abuse of legitimate IT tools for malicious purposes.

Attack Chain: From Invoice Email to System Compromise

The initial stage of the campaign involves a spam email that claims to contain an overdue invoice. The email urges the recipient to open an attached PDF, which mimics a standard business document.

Upon opening, the document displays a message prompting the user to update Adobe Acrobat Reader to view the invoice. However, instead of a legitimate update, this prompt initiates the silent installation of LogMeIn Resolve, a legitimate remote access tool.

Once ...