Russian SolarWinds Hacker Launches New Phishing Campaign

Microsoft Threat Intelligence Center (MSTIC) has revealed a new spear-phishing campaign by the Russian hacking group believed to be behind the catastrophic SolarWinds supply chain attack, which targeted numerous organizations in many countries.

The spear-phishing attack by Nobelium, a group also known as UNC2452, Dark Halo, and Solorigate, targeted government agencies and international development organizations involved in foreign policy.

According to MSTIC, hackers have targeted approximately 3000 email accounts used by more than 150 organizations in 24 countries.

MSTIC first confirmed the attack in January of this year, and the attack has continued since then.

The phishing emails contained a malicious HyperText Markup Language (HTML) attachment that executed JavaScript code.

This code writes an ISO disc image file to the target computer's storage and prompts the target to open it.

When the user is tricked into clicking and mounting the ISO image, a .LNK shortcut inside it runs a dynamic link library (DLL) file, and that file in turn runs a Cobalt Strike Beacon command and control module.
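The first stage described above, an HTML attachment whose script writes a disk image to storage, can be flagged at the mail gateway before the user sees it. The following Python sketch is an added example, not code from Microsoft or the original article; the regex indicators, function names and both sample messages are assumptions constructed for illustration.

```python
import re
from email import message_from_string, policy
from email.message import EmailMessage

SCRIPT_RE = re.compile(r"<script\b[^>]*>(.*?)</script>", re.I | re.S)
# Heuristic indicators: assumptions for this example, not IoCs from the article.
CHECKS = [
    ("disk-image-filename", re.compile(r"""["'][^"']*\.(?:iso|img|vhd)["']""", re.I)),
    ("client-side-file-save", re.compile(r"\bBlob\b|createObjectURL|msSaveBlob|\.download\s*=")),
    ("embedded-encoded-blob", re.compile(r"[A-Za-z0-9+/=]{200,}")),
]

def score_html(html):
    """Return the names of the indicators found inside <script> bodies."""
    js = "\n".join(SCRIPT_RE.findall(html))
    return [name for name, rx in CHECKS if rx.search(js)]

def triage_message(raw):
    """Map each HTML *attachment* filename in a raw message to its findings."""
    msg = message_from_string(raw, policy=policy.default)
    results = {}
    for part in msg.walk():
        if part.get_content_type() != "text/html":
            continue
        if part.get_content_disposition() != "attachment":
            continue  # inline HTML bodies are out of scope here
        results[part.get_filename() or "(unnamed)"] = score_html(part.get_content())
    return results

def build_sample(html, filename):
    """Build a constructed test message with one HTML attachment."""
    m = EmailMessage()
    m["Subject"] = "constructed sample"
    m.set_content("See attachment.")
    m.add_attachment(html, subtype="html", filename=filename)
    return m.as_string()

# Constructed, inert samples: the "payload" is filler and nothing is saved.
SUSPICIOUS = build_sample(
    '<html><script>var data = "' + "A" * 240 + '";\n'
    'var name = "report.iso"; var b = new Blob([data]);</script></html>',
    "invite.html")
BENIGN = build_sample(
    '<html><script>document.title = "Weekly update";</script></html>',
    "newsletter.html")

if __name__ == "__main__":
    for label, raw in (("suspicious", SUSPICIOUS), ("benign", BENIGN)):
        print(label, triage_message(raw))
```

An attachment that trips all three indicators is a candidate for quarantine and analyst review; any single indicator on its own also occurs in legitimate pages.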

Another variant of the Nobelium phishing payload contained a Rich Text Format (RTF) document in which the Cobalt Strike Beacon was encoded.

Apple iOS users were targeted by a special server controlled by Nobelium. This server tried to deliver a universal cross-site scripting zero-day exploit to the user's device.

The iOS vulnerability was patched by Apple in March.

This month, Nobelium sent a fake email disguised as coming from the United States Agency for International Development (USAID). This email contained a link that redirected to a hacker-controlled server, which attempted to deliver malware.

The malware included a custom Cobalt Strike Beacon named NativeZone, which MSTIC says acts as a backdoor and as a vector of infection to other computers on the same network as the target.

Microsoft said the purpose of the attack was to gather information.
