< br />
MOSCOW, June 10 Hackers attacked Russian companies this month with a mass phishing campaign disguised as government draft and mobilization documents, Bi.Zone reported.
«Since the beginning of June, we have been recording a mass mailing of phishing emails, this week there were several waves. The attackers used spoofing, that is, they forged the sender's address, for the recipient the letter looked like a message from government agencies,» the company said.
It is noted that the letters were sent to the corporate addresses of employees of Russian companies with the topics: “mobilization call”, “general mobilization 2023”, “verification of documents of the military registration and enlistment office”, “conscripts 2023 list” and so on, and inside the letter there was an attached archive allegedly with documents .
The archive contained a malicious file that installed the DCRat Trojan on the device, allowing it to gain full control over the system. With such a virus, hackers can take screenshots, record keystroke sequences, get the contents of the clipboard, and thereby collect sensitive data from businesses.
«Even unprepared attackers achieve their goals when they use topical issues and the human factor. Unfortunately, it is almost impossible to avoid such threats. Therefore, organizations must provide adequate protection against modern phishing attacks,» commented Oleg Skulkin, head of Bi.Zone's cyber intelligence department. .