Fake attachment. Roundcube mail server attacks exploit CVE-2024-37383 vulnerability.


In September 2024, threat intelligence experts from the Positive Technologies Security Expert Center (PT ESC) discovered an email sent to a governmental organization belonging to a CIS country. Timestamps indicate that the email was sent back in June 2024. The email appeared to be a message without text, containing only an attached document.

However, the email client didn’t show the attachment. The body of the email contained distinctive tags with the statement eval(atob(…)), which decode and execute JavaScript code.

Source: Positive Technologies
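
A mail-gateway or triage check for the eval(atob(…)) marker described above, as an added example that is not taken from the Positive Technologies report. It decodes each body part's transfer encoding before matching, then base64-decodes the argument for review without executing it. The sample message, the `placeholder-tag` element and the function names are constructed for illustration.

```python
import base64
import re
from email import message_from_string, policy
from email.message import EmailMessage

# eval(atob('...')) or eval(atob("...")), tolerating whitespace between tokens.
EVAL_ATOB = re.compile(
    r"""eval\s*\(\s*atob\s*\(\s*(['"])([A-Za-z0-9+/=\s]+)\1\s*\)\s*\)""")

def find_eval_atob(raw_message: str) -> list:
    """Return decoded (never executed) eval(atob(...)) arguments per text part."""
    msg = message_from_string(raw_message, policy=policy.default)
    findings = []
    for part in msg.walk():
        if part.get_content_maintype() != "text":
            continue  # skip multipart containers and binary parts
        # get_content() undoes base64 / quoted-printable transfer encoding,
        # so the pattern is matched against what the mail client would render.
        body = part.get_content()
        for match in EVAL_ATOB.finditer(body):
            blob = re.sub(r"\s+", "", match.group(2))
            try:
                decoded = base64.b64decode(blob, validate=True)
                decoded = decoded.decode("utf-8", "replace")
            except ValueError:  # malformed base64: report it, do not guess
                decoded = None
            findings.append({"content_type": part.get_content_type(),
                             "decoded": decoded})
    return findings

def build_sample() -> str:
    """Constructed message: harmless payload, HTML part sent as base64."""
    inner = base64.b64encode(b'console.log("constructed sample")').decode()
    html = ('<p></p><placeholder-tag attr="eval(atob(\'%s\'))">'
            '</placeholder-tag>' % inner)
    msg = EmailMessage()
    msg["Subject"] = "constructed sample"
    msg.set_content(html, subtype="html", cte="base64")
    return msg.as_string()

if __name__ == "__main__":
    for finding in find_eval_atob(build_sample()):
        print(finding)
```

Because the sample's HTML part is base64 transfer-encoded, a plain text search of the raw message for eval(atob would miss it; the match only appears after the part is decoded.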

