A threat actor got a near-continuous view into an influential finance executive's email inbox, thanks to clever use of legitimate, native Windows tools.
June 3, 2026
An unknown hacker or hackers managed to spy on a senior member of an unnamed global stock exchange for at least five months.
Lots of questions still surround an email spying campaign reported by Symantec and Carbon Black this week, like who was behind it and how they obtained initial access. What's clear is that some threat actor subtly, meticulously crept into a high-ranking finance executive's Microsoft Outlook mailbox and siphoned off months' worth of emails.
Those emails likely contained intimate information about the target's organization, from contacts and calendar events to the details of specific business deals. Considering the nature of the target's organization — a major financial exchange — that intelligence could have been of significant value to businesses, investors, or a foreign government.
