The email rar attachment contains an exe file: the first malware, which downloads the second. The stolen data is exfiltrated via SMTP.
The Jerusalem Post website defaced for the Soleimani assassination anniversary. Cyber threats and geopolitical events are increasingly connected. Countries that can’t attack kinetically use cyber weapons to hit their enemies and increase pressure.
The Jerusalem Post website defacement for the Soleimani assassination anniversary, as Reuters reported, confirms that today geopolitical events are increasingly connected to cyber threats. Countries that can’t attack kinetically use cyber warfare to hit their enemies. The armies are the internal hacking groups (APTs) or supporters worldwide. Sometimes, external actors on dark web forums are hired to conduct cyber espionage or sabotage offensives. The weapons are the web and the social networks, while the bullets are emails or zero-day exploits. The goal for these countries is always twofold: on one side, to damage the opponents and increase pressure on them; on the other, to improve the internal perception of strength. In the Soleimani case, for example, the authors launched a threat against Israel, but in the meantime they galvanized pro-Iran militias and supporters in the Middle East, increasing the possibility of them striking elsewhere against enemy targets.