In September 2024, threat intelligence experts from the Positive Technologies Security Expert Center (PT ESC) discovered an email sent to a governmental organization belonging to a CIS country. Timestamps indicate that the email was sent back in June 2024. The email appeared to be a message without text, containing only an attached document.
However, the email client didn’t show the attachment. The body of the email contained distinctive tags with the statement eval(atob(…)), which decode and execute JavaScript code:
Read more…
Source: Positive Technologies
Related:
- New FritzFrog P2P botnet has breached at least 500 enterprise, government servers
August 19, 2020
A P2P botnet newly-discovered by researchers has struck at least 500 government and enterprise SSH servers over 2020. On Wednesday, cybersecurity firm Guardicore Labs published research into FritzFrog, a peer-to-peer (P2P) botnet that has been detected by the company’s sensors since January this year. According to researcher Ophir Harpaz, FritzFrog has attempted to brute-force SSH servers belonging ...
- Phishing scams dominate the Philippines cybercrime landscape
August 19, 2020
Cybercrime in the Philippines is on a rapid rise, with phishing campaigns alone up 200% since the country went into lockdown in March In today’s highly-digitalized society, wanton cybercrimes have proven to be difficult to eradicate, and the cyberattack threat matrix just got riskier when recent quarantine and lockdown restrictions forced everyone indoors. Not only did ...
- The Cybersecurity Blind Spots Of Connected Cars
August 18, 2020
Technology has accelerated the pace in which vehicles provide mobility and convenience. Nowadays, it’s common for connected cars to let their users have instant access to navigation and traffic data, play desired media content, and get up-to-the-minute weather and collision alerts, among other capabilities — thanks to connected technologies such as vehicle-to-everything (V2X) communication and ...
- Ukraine arrests gang who ran 20 crypto-exchanges and laundered money for ransomware gangs
August 18, 2020
Law enforcement in Ukraine has announced today the arrest of a cybercrime gang who ran 20 cryptocurrency exchanges where they laundered more than $42 million in funds for criminal groups. The group, which authorities said had three members, has been operating from Ukraine’s Poltava region since 2018. According to Ukrainian officials, the group has advertised its ...
- Dharma RaaS is ‘targeting and menacing’ SMBs
August 17, 2020
Dharma ransomware as-a-service (RaaS), which is among the world’s most popular, is being used predominantly to target small and medium-sized businesses (SMBs), according to a new report from Sophos. Offers as a service, Dharma ransomware is available to whoever is willing to pay for its use. User groups (called affiliates) rely “almost entirely” on a menu-driven ...
- Nigeria: Military Personnel Arrested For Cybercrime In Lagos
August 17, 2020
Lance Corporal Ajayi Kayode, a serving military personnel in Lagos State, has been arrested for alleged Internet fraud. Kayode was arrested in the Lekki axis of the state by operatives of the Economic and Financial Crimes Commission. The soldier, who was arrested alongside 26 others, said he was still learning “yahoo yahoo” (Internet fraud) from his friends ...