PROOFPOINT researchers have observed crooks targeting trucking and logistics companies with coordinated remote access campaigns to steal cargo and divert payments, a trend the article says is linked to organised crime. The findings describe cyber-enabled cargo theft expanding rapidly, with losses in North America reaching $6.6 billion in 2025 as cyberattacks disrupt supply chains for profit.
In February 2026, attackers breached a load board platform and sent carriers fake shipping job emails, delivering a malicious VBS file that launched a PowerShell script and installed remote access tools. The report notes a new signing-as-a-service method used to deploy a stealthy ScreenConnect instance, including a signed installer and re-signed components to evade detection and maintain persistence.
Researchers detail extensive post‑compromise activity, including profiling victims, exfiltrating browser and financial data, and targeting banks, money transfer services, and freight platforms to facilitate financial fraud and cargo diversion. The article highlights that the attackers focus on remaining hidden and on gathering intelligence to exploit payment systems and logistics platforms, underscoring the growing threat to the freight and logistics sectors.