Spies and steals data: new Zagrebator malware discovered in Russia

Under the guise of tickets to sporting events and official documents, the attacker FakeTicketer is distributing malware

Cybersecurity specialists from F.A.C.C.T. have discovered a new threat: email campaigns from an attacker who has been given the code name FakeTicketer. He sends victims custom-written malware: a stealer, a remote access Trojan (RAT), and a dropper capable of stealing data from browsers. This family of malicious files has been named Zagrebator.

Sample of a fake e-ticket that the victim receives

Emails from FakeTicketer contain an attachment in the form of an archive whose name duplicates the subject of the email. The archive contains an executable file with a similar name that matches the pretext of the attack. As lure documents, FakeTicketer used fake tickets to sporting events: for example, to matches of the Russian football premier league and to kayak and canoe rowing competitions.
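The delivery pattern described above (an archive attachment named after the email subject, containing an executable with a near-identical name) is simple to check for at the mail gateway. The following is an added example written for this article, not code from F.A.C.C.T. or from any vendor product; the sample subject, attachment and archive contents are constructed, and the scoring weights and quarantine threshold are assumptions chosen for illustration.

```python
import io
import os
import zipfile
from dataclasses import dataclass
from typing import List

# Extensions treated as archives and as directly executable content (assumed lists).
ARCHIVE_EXT = {".zip", ".rar", ".7z"}
EXEC_EXT = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".js", ".vbs"}
QUARANTINE_THRESHOLD = 5  # assumed: total score at or above this is quarantined


@dataclass
class Finding:
    score: int
    reasons: List[str]

    @property
    def quarantine(self) -> bool:
        return self.score >= QUARANTINE_THRESHOLD


def _stem(name: str) -> str:
    """File name without directory and extension, normalised for comparison."""
    return os.path.splitext(os.path.basename(name))[0].strip().casefold()


def _similar(a: str, b: str) -> bool:
    """Names are 'similar' if one stem equals or contains the other."""
    a, b = _stem(a), _stem(b)
    return bool(a) and bool(b) and (a == b or a in b or b in a)


def zip_member_names(blob: bytes) -> List[str]:
    """Return member names of a ZIP attachment without extracting anything."""
    try:
        with zipfile.ZipFile(io.BytesIO(blob)) as zf:
            return zf.namelist()
    except zipfile.BadZipFile:
        return []


def assess_attachment(subject: str, attachment_name: str, members: List[str]) -> Finding:
    """Score one attachment against the FakeTicketer-style lure pattern."""
    score, reasons = 0, []
    ext = os.path.splitext(attachment_name)[1].casefold()
    if ext in ARCHIVE_EXT:
        score += 1
        reasons.append("attachment is an archive")
    if _stem(attachment_name) == subject.strip().casefold():
        score += 2
        reasons.append("archive name duplicates the email subject")
    execs = [m for m in members if os.path.splitext(m)[1].casefold() in EXEC_EXT]
    if execs:
        score += 2
        reasons.append("archive contains executable content: " + ", ".join(execs))
    if any(_similar(m, attachment_name) for m in execs):
        score += 1
        reasons.append("executable name mirrors the archive name")
    return Finding(score, reasons)


def assess_email(subject: str, attachment_name: str, blob: bytes) -> Finding:
    """Convenience wrapper: inspect a ZIP attachment's members and score it."""
    return assess_attachment(subject, attachment_name, zip_member_names(blob))


def build_sample_zip(member_name: str) -> bytes:
    """Constructed sample: an in-memory ZIP holding a single dummy member."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(member_name, b"dummy content, not a real program")
    return buf.getvalue()


if __name__ == "__main__":
    # Constructed lure resembling the pattern in the article.
    subject = "E-ticket Premier League match 12.12"
    lure = assess_email(subject, subject + ".zip", build_sample_zip(subject + ".exe"))
    print(lure.score, lure.quarantine, lure.reasons)
    # Constructed benign message for comparison.
    benign = assess_email("Quarterly report", "report.zip", build_sample_zip("report.pdf"))
    print(benign.score, benign.quarantine, benign.reasons)
```

The score is deliberately additive so that a single weak signal (any archive attachment) never triggers on its own, while the full combination the article describes crosses the threshold. In production this check would run alongside, not instead of, content inspection of the extracted executable.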

The attacker uses self-written malware, which allows him to be more stealthy and bypass certain detection systems during the exploitation of the attack chain on the infected system. Based on the functionality of the malware, we believe that the motivation of the attacker FakeTicketer is espionage. Based on the discovered decoy files, we believe that his attacks are aimed, among other things, at the public sector.
Artyom Grishchenko, leading specialist in malware analysis at the cyber intelligence department of F.A.C.C.T. Threat Intelligence

In the fall and early winter, FakeTicketer began to use official documents as bait. In October, it was a scan of a school certificate, in December – regulatory acts of the administration of the city of Simferopol. Cybersecurity specialists see Russian sports functionaries and officials of various levels as likely targets of the attacker.


Sources
F.A.C.C.T.
