It asks the recipient to open a link to revise an agreement. The link leads to a website that imitates the homepage of the victim’s organization, where the user only has to enter the password.
An email asks the recipient to open a link to read them. The link leads to a website that imitates the homepage of the victim’s organization, where the user only has to enter the password.
The doc attachment contacts a link, exploiting the Equation Editor vulnerability, and downloads an exe: the malware. Data is then exfiltrated via SMTP to an email address.
The message template is identical to the previous one, except for the dates and the name of the attachment: 25_153325_221122_113030.7z. Inside is an exe, the malware, which exfiltrates stolen data via SMTP.
Pro-Russian hackers close to the GRU attack institutions, carriers and suppliers with DDoS. The operation is complementary to Moscow’s military one: the objectives are shared.
Op.Neutrino compromised an operational AI/ML model, in addition to a power grid SCADA/ICS, belonging to the DK Port substation. It’s the new response to the attacks in Ukraine.