Report from the EclecticIQ Fusion Center, Tuesday 12 June 2018.
- Targeted phishing attempts, falsely claiming to be from a Samsung company.
- Language in the emails is likely machine-translated and not written by a native Russian speaker.
- Lure documents exploit CVE-2017-11882.
- Payload is a cracked version of legitimate "Imminent Monitor" Remote Admin Tool.