In several cases, the contents of the decoy document were directly related to the name of the malicious LNK to trick the user into activating it. pdf.lnk) that leads to infection when openedĭecoy Word document (subject: Results of the State Duma elections in the Republic of Crimea) A malicious LNK file with a double extension (e.g.A decoy document (we discovered PDF, XLSX and DOCX versions).The archive, in turn, contained two files: The victims navigated to a URL pointing to a ZIP archive hosted on a malicious web server. Although the initial vector of compromise is unclear, the details of the next stage imply the use of spear phishing or similar methods. In October 2022, we identified an active infection of government, agriculture and transportation organizations located in the Donetsk, Lugansk, and Crimea regions. We previously published an overview of cyber activities and the threat landscape related to the conflict between Russia and Ukraine and continue to monitor new threats in these regions.
Since the start of the Russo-Ukrainian conflict, Kaspersky researchers and the international community at large have identified a significant number of cyberattacks executed in a political and geopolitical context.
0 kommentar(er)
