Embassies targeted in ongoing spearphishing campaign that weaponized Microsoft Excel files

[InfoSec News <alerts () infosecnews org>]

https://www.cyberscoop.com/microsoft-excel-check-point-technologies-russia/

By Shannon Vavra
CYBERSCOOP
April 22, 2019

Embassies around the world have been targeted in a recent spate of 
spearphishing email attacks from Russian hackers, according to a new 
report from researchers at Check Point Technologies.

The emails, which the hackers filled with U.S. State Department logos and 
“Top Secret” labels to trick victims into believing they were legitimate, 
were actually laced with malicious Microsoft Excel files. The documents 
were capable of leveraging a trojanized version of remote access software, 
TeamViewer, to gain control of infected computers.

After gaining access and control, the hackers’ code allowed them to take 
screenshots of the victims’ PCs, allowing the hackers to steal victims’ 
usernames and login credentials.

They’ve had access to “everything,” Check Point’s Threat Intelligence 
Group Manager Lotem Finkelsteen tells CyberScoop. “Databases, personal 
data, documents, networks, other devices connected. They have full access 
to the infected device.”

[...]

--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_