EclecticIQ Report: Targeted Attacks Against Russian Service Center (English)
Fortinet reported a series of attacks targeting service centers in Russia. The service centers provide maintenance and support for a variety of electronic goods.
Targeted phishing attempts falsely claim to be from a Samsung company.
The language in the emails is likely machine-translated and not written by a native Russian speaker.
Lure documents exploit CVE-2017-11882.
The payload is a cracked version of the legitimate "Imminent Monitor" Remote Admin Tool.
About EclecticIQ
EclecticIQ develops analyst-centric products that align our clients’ cybersecurity focus with their threat reality. The result is intelligence-led security, improved detection, prevention, and response.