Tag: Poland

Kremlin-Backed APT28 Targets Polish Institutions in Large-Scale Malware Campaign

APT28, a nation-state actor with ties to Russia, is behind a widespread malware campaign that has attacked Polish government institutions. The computer emergency response team CERT Polska stated in a report on Wednesday that the campaign used emails with content meant to pique the recipient's curiosity and get them to click on a link. Clicking the link takes the victim to the domain run.mocky[.]io, which then redirects to another legitimate website, webhook[.]site, in an attempt to avoid detection. This free service enables developers to inspect data that is being supplied via a webhook. The next step is the download, from webhook[.]site, of a ZIP archive file containing the Windows Calculator binary, which is posing as a JPG image file...

PicassoLoader Malware Used in Ongoing Attacks on Ukraine and Poland

Campaigns aimed at stealing private information and gaining persistent remote access to infected computers have targeted governmental agencies, military organizations, and civilian users in Ukraine and Poland. The intrusion set, which spans the months between April 2022 and July 2023, uses phishing lures and fake documents to launch PicassoLoader, a downloader that serves as a conduit for Cobalt Strike Beacon and njRAT. According to a recent analysis by Cisco Talos researcher Vanja Svajcer, "the attacks used a multistage infection chain initiated with malicious Microsoft Office documents, most frequently using Microsoft Excel and PowerPoint file formats." This was followed by an executable downloader and payload that was hidden inside an image file...