https://www.cyberscoop.com/microsoft-excel-check-point-technologies-russia/
By Shannon Vavra
CYBERSCOOP
April 22, 2019
Embassies around the world have been targeted in a recent spate of
spearphishing email attacks from Russian hackers, according to a new
report from researchers at Check Point Technologies.
The emails, which the hackers filled with U.S. State Department logos and
“Top Secret” labels to trick victims into believing they were legitimate,
were actually laced with malicious Microsoft Excel files. The documents
were capable of leveraging a trojanized version of remote access software,
TeamViewer, to gain control of infected computers.
After gaining access and control, the hackers’ code allowed them to take
screenshots of the victims’ PCs, allowing the hackers to steal victims’
usernames and login credentials.
They’ve had access to “everything,” Check Point’s Threat Intelligence
Group Manager Lotem Finkelsteen tells CyberScoop. “Databases, personal
data, documents, networks, other devices connected. They have full access
to the infected device.”
[...]
--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_
