29 C
Jaipur
Wednesday, October 28, 2020

Malware Targeting Public and Private Sector

Must read

Linux Kernel 5.10 Will be the Next LTS Release and it has Some Exciting Improvements Lined Up

Development for Linux Kernel 5.10 is in progress. It’s been confirmed to be a long term support release and it will be bringing newer...

Flipkart quiz October 28, 2020: Get answers to these question to win Super coins, discount vouchers and more

Flipkart quiz is now live. It consists of five questions and is available on the mobile app of Flipkart. The daily quiz offers...

Amazon app quiz October 28, 2020: Get answers to these five questions to win Rs 50,000 in Amazon Pay balance

As part of today’s quiz, Amazon is giving a chance to win Rs 50,000 in Amazon Pay balance. For those unaware, the...

vivo origin os: Vivo’s new custom OS may launch soon, to be called Origin OS

Smartphone brand Vivo is soon going to revamp its custom Android layer, claims a report by GizChina. The report claims that the...

Security researchers observed multiple new campaigns with modified PoetRAT targeting various public and private sector in Azerbaijan.

The threat actor uses malicious word documents to trick the victims into downloading the malicious document from temporary hosting providers.

Modified PoetRAT

The RAT was observed earlier this year using COVID-19 lures to target citizens of Azerbaijan, Government, and Energy Sectors.

The RAT has tools to monitor the hard disk and to exfiltrate the data automatically, along with that it has additional RAT features such as keyloggers, browser-focused password stealers, camera control applications, and other generic password stealers.

The threat actor uses Word documents to drop the malware, it also contains additional malicious macros, which in turn download additional payloads.

Previous versions of the PoetRAT Python interpreter to execute the source code, but the new version of the RAT uses Lua script.

Multiple campaigns observed, in one of the campaign, the word document contains blurred scripts and has the National Emblem of Azerbaijan in the top corners.

Once the user opens the malicious documents it drops Python interpreter and PoetRAT, also the new version uses HTTP protocol for C2 server communication.

In another campaign, the word document alleged to be from the State Service for Mobilization and Conscription of Azerbaijan.

With all the campaigns the attacker continuous to targets VIPs and the public sector and tries to exfiltrate sensitive documents from the compromised systems.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity and hacking news updates.

Also Read

CoronaVirus Cyber Attack Panic – Threat Actors Targets Victims Worldwide

Chinese APT Hackers Exploit MS Word Bug to Drop Malware Via Weaponized Coronavirus Lure Documents

How Can The Coronavirus (COVID-19) Disrupt Cybersecurity Operations?

Source link

- Advertisement -

More articles

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest article

Linux Kernel 5.10 Will be the Next LTS Release and it has Some Exciting Improvements Lined Up

Development for Linux Kernel 5.10 is in progress. It’s been confirmed to be a long term support release and it will be bringing newer...

Flipkart quiz October 28, 2020: Get answers to these question to win Super coins, discount vouchers and more

Flipkart quiz is now live. It consists of five questions and is available on the mobile app of Flipkart. The daily quiz offers...

Amazon app quiz October 28, 2020: Get answers to these five questions to win Rs 50,000 in Amazon Pay balance

As part of today’s quiz, Amazon is giving a chance to win Rs 50,000 in Amazon Pay balance. For those unaware, the...

vivo origin os: Vivo’s new custom OS may launch soon, to be called Origin OS

Smartphone brand Vivo is soon going to revamp its custom Android layer, claims a report by GizChina. The report claims that the...

Earphones from Xiaomi, Realme, Philips and others you can purchase under Rs 599 in Amazon sale

Earphones from Xiaomi, Realme, Philips and others you can purchase under Rs 599 in Amazon sale Source link