Cybersecurity specialists from F.A.C.C.T. have discovered a new threat: email distributions from an attacker who has been given the code name FakeTicketer. He sends victims unique malware: a stealer, a remote access Trojan (RAT), and a dropper with the ability to steal data from browsers. This family of malicious files has been named Zagrebator.
Emails from FakeTicketer contain an attachment in the form of an archive, the name of which duplicates the subject of the email. The attached archive contains an executable file with a similar name related to the legend of the attack. As a lure document, FakeTicketer used fake tickets to sporting events: for example, to matches of the Russian football premier league, competitions in water rowing on kayaks and canoes.
The attacker uses self-written malware, which allows him to be more stealthy and bypass certain detection systems during the exploitation of the attack chain on the infected system. Based on the functionality of the malware, we believe that the motivation of the FakeTicketer attacker is espionage. Based on the discovered decoy files, we believe that his attacks are aimed, among other things, at the public sector.
In the fall and early winter, FakeTicketer began to use official documents as bait. In October, it was a scan of a school certificate, in December - regulatory acts of the administration of the city of Simferopol. Cybersecurity experts see Russian sports functionaries and officials of various levels as likely targets of the attacker.
Read materials on the topic:
Infected network equipment at nodal stations could have caused the Runet failure
Fraudulent networks: almost 40% of cybercrimes in Russia are committed using IT technologies
Now on home
The ship's state tests are taking place at the Baltic Fleet's marine training ground
Anti-missile will create a field of damaging elements in the atmosphere
Production of parts for new Sollers SUVs and UAZ Patriot will start after commissioning is completed
The cosmonaut was appointed commander of Soyuz MS-31 as part of the ISS-77 mission
The device, made according to the "tailless" scheme, repeats the design of the Russian UAV
Arbitration Sides with Rubin Central Design Bureau in Dispute Over Modernization of Project 949A Submarine
The cars received a German nine-speed ZF automatic transmission
Missile range - at least 1500 km, warhead weight - about 800 kg
The Republic prioritizes the creation of its own fifth-generation aircraft
The combination of combat aircraft provides protection both at close range and at long distances
The "Zakord" company will produce air cabin filters
The company has mastered almost 98% of the range of rails used by the national carrier