Experts: hackers increasingly try to spy on Russian defense companies through legitimate software
Hackers have stepped up their efforts to spy on companies linked to Russia’s defense-industrial complex (DIC) by using legitimate software. Experts from Bi.Zone told RIA Novosti about this.
“The Core Werewolf group uses phishing and legitimate software to gain full control over the user’s system, copy files, and track his actions,” the experts specified.
According to the experts, the main targets of the spies were Russian organizations associated with the defense industry and critical infrastructure. The attackers most often try to get into an institution's systems using phishing emails with links to dangerous files. These files, in turn, can be disguised as documents in DOCX and PDF formats, such as resolutions and orders.
The victim opens such a file and sees the document. At the same time, installation of the UltraVNC program begins in the background. This is how the attackers try to gain access to a compromised device, the experts concluded.
In May, it was reported that a campaign had been launched against Russian organizations in various fields, aimed at the mass theft of user credentials through phishing emails. Experts said that the attackers send phishing emails using Umbra malware.
Cybercriminals attach files with malicious labels and disguise them as documents called “The Raiders Plan”.
Source: Lenta