Brother
Professional
- Messages
- 2,590
- Reaction score
- 539
- Points
- 113
Russian-speaking cybercriminals attacked a number of European embassies in Italy, Liberia, Kenya and other countries, sending phishing letters to officials allegedly from the US State Department.
According to researchers at Check Point, the malicious emails contained Microsoft Excel documents titled "Military Financing Program" and marked "Top Secret." After activating the malicious macros contained in the document, two files were extracted from the document. In particular, the malicious TeamViewer DLL (TV.DLL) was loaded onto the attacked system.
The fact that attackers can speak Russian is indicated by the Cyrillic characters they accidentally left behind and even entire documents in Russian. However, they are unlikely to be politically motivated and are not "government hackers," Check Point said. Victims of cybercriminals are scattered all over the world and live in different geopolitical zones. There are tax officials among them, and they are of interest to cybercriminals, the researchers believe.
Experts even managed to track down one of the cybercriminals. It turned out to be someone called EvaPiks, registered on several hacker and carder forums. EvaPiks published instructions on how to carry out the cyber attacks described above and provided advice. Given the involvement of the cybercriminals in the carder community, the researchers suggested that they were looking for financial gain.
According to researchers at Check Point, the malicious emails contained Microsoft Excel documents titled "Military Financing Program" and marked "Top Secret." After activating the malicious macros contained in the document, two files were extracted from the document. In particular, the malicious TeamViewer DLL (TV.DLL) was loaded onto the attacked system.
The fact that attackers can speak Russian is indicated by the Cyrillic characters they accidentally left behind and even entire documents in Russian. However, they are unlikely to be politically motivated and are not "government hackers," Check Point said. Victims of cybercriminals are scattered all over the world and live in different geopolitical zones. There are tax officials among them, and they are of interest to cybercriminals, the researchers believe.
Experts even managed to track down one of the cybercriminals. It turned out to be someone called EvaPiks, registered on several hacker and carder forums. EvaPiks published instructions on how to carry out the cyber attacks described above and provided advice. Given the involvement of the cybercriminals in the carder community, the researchers suggested that they were looking for financial gain.
