Hackers Target Mandiant CEO Via Limo Service

Hackers Target Mandiant CEO Via Limo Service: Hackers are apparently stalking Kevin Mandia, chief executive of the cybersecurity company Mandiant.

The head of the company that famously highlighted Chinese cyber-espionage efforts earlier in the year may be feeling the effect of retaliation, as evidenced by a targeted attack he uncovered that makes use of his limo company.

Every time a car ferries him to one place or another (and Mandia has a lot of speaking engagements), the car service emails him PDFs of his bill. Somehow, bad actors have hijacked that process, which he discovered after being sent invoices on days he hadn’t used the service, so Mandia had them checked out.

“I’ve been receiving PDF invoices not from them, but from an [advanced hacking] group back in China; that’s awesome,” Mandia told Foreign Policy. “I forwarded them to our security service, and they said, ‘Yup, that’s got a [malicious] payload.'”

Hackers were able to find out the name of the limo service and spoof an address to send appropriate-looking messages from there. It begs the question of how the attackers were able to gain such intimate knowledge of Mandia’s personal movements.