A cyber espionage campaign targeted a senior executive's Outlook account at a major global stock exchange, allowing attackers to silently steal emails over five months (October 2025 to March 2026). Investigated by Broadcom's Symantec and Carbon Black, the campaign saw the attackers collect sensitive data about negotiations, internal discussions, and market-sensitive events. The intrusion began with malware disguised as legitimate applications and included the exfiltration of data through Dropbox and OneDrive.
The attack, not financially motivated and likely state-linked, exemplifies the risks posed by compromised executive accounts. Researchers recommend organizations monitor for signs of similar intrusions.