Threat Intelligence Report

EclecticIQ Report: Targeted Attacks Against Russian Service Center (English)

Fortinet reported a series of attacks targeting service centers in Russia. The service centers provide maintenance and support for a variety of electronic goods.

Report from the EclecticIQ Fusion Center, Tuesday 12 June 2018.

Key Findings:

  • Targeted phishing attempts, falsely claiming to be from a Samsung company.
  • Language in the emails is likely machine translated and not written by a native Russian speaker.
  • Lure documents exploit CVE-2017-11882.
  • Payload is a cracked version of the legitimate "Imminent Monitor" Remote Admin Tool.

About EclecticIQ

EclecticIQ develops analyst-centric products that align our clients’ cybersecurity focus with their threat reality. The result is intelligence-led security, improved detection, prevention, and response.