Hackers have started sending fake emails containing malware to Russian companies. Bi.Zone said that the source code of this malware is publicly available on GitHub to all users.

Experts found a campaign targeting Russian organizations. Its purpose was to distribute the Umbral malware, which collects personal user data from infected computers. Interestingly, the source code of this malware is publicly available on GitHub to everyone.

Hackers have chosen a simple but effective way to deliver malware to corporate networks – they send phishing emails with file attachments. These files masquerade as documents called the “Raiders’ Plan”, and opening such a file will trigger the process of compromising the device.

Umbral malware allows attackers to bypass protection, elevate privileges, gather information about a compromised system, and obtain authentication data from various applications, including Chrome, Opera, Yandex Browser, Discord messenger, and Minecraft. Experts note that many of these applications may contain passwords for both personal and corporate accounts. This allows attackers to access the target network and use it to send phishing emails within the organization.

Source: Ferra

I am a professional journalist and content creator with extensive experience writing for news websites. I currently work as an author at Gadget Onus, where I specialize in covering hot news topics. My written pieces have been published on some of the biggest media outlets around the world, including The Guardian and BBC News.
