Recent reports suggest a concerning trend where malicious actors are targeting trucking and logistics companies to infiltrate them with remote monitoring and management (RMM) software, with the ultimate goal of stealing cargo freight for financial gain.
According to findings by Proofpoint, a threat cluster has been identified since at least June 2025, working in collaboration with organized crime groups to breach surface transportation entities, particularly focusing on food and beverage products as the most sought-after commodities for cyber-enabled theft.
Researchers Ole Villadsen and Selena Larson revealed, “The stolen cargo is likely sold online or shipped internationally. In their operations, threat actors aim to penetrate companies and exploit their unauthorized access to engage in bidding on legitimate shipments of goods with the intention of stealing them.”
In the recent wave of intrusions detected by Proofpoint, the unidentified attackers have utilized various tactics, including compromising email accounts to intercept ongoing conversations, focusing on asset-based carriers, freight brokerage firms, and integrated supply chain providers through spear-phishing emails, as well as posting fake freight listings via hacked accounts on load boards.
“The perpetrators post deceptive freight listings using compromised accounts on load boards and then send emails with malicious URLs to carriers interested in the loads. This strategy exploits the trust and urgency inherent in freight negotiations,” the report stated.
The use of RMM software provides several advantages for the threat actors. Firstly, it eliminates the need to create custom malware. Secondly, it allows them to operate stealthily, as these tools are commonly used in enterprise environments and are not usually flagged as malicious by security software.
As stated by Proofpoint in March 2025, “Threat actors can easily develop and distribute their own remote monitoring tools, and due to their legitimate use cases, end users may not be suspicious of installing RMM software compared to other remote access trojans. Additionally, these tools may evade antivirus or network detection as the installers are often signed and distributed as legitimate payloads.”
![Apple pushing back on 'vibe coding' iPhone apps, developers say [U]](https://bennetttechinnovation.com/wp-content/uploads/2026/03/Apple-Stands-Firm-Against-Vibe-Coding-iPhone-Apps-Defying-Developers-80x80.jpg)
