From latesthackingnews.com
Researchers have caught a new malware campaign in the wild that deploys novel Rust-based malware against targets in Azerbaijan. While not linked to a known threat actor group, the campaign includes some false flags, possibly to hide the actual threat actors behind it.

New Rust Malware Targets Azerbaijan Users

According to a recent post from the Deep Instinct Threat Lab, their researchers have found a new malware campaign with a particular victim list. Analysis revealed that the malware is a novel threat written in the Rust programming language and specifically targets Azerbaijan users.

In brief, the attack begins with a .lnk file that poses as an image file by carrying “.jpg” in the file name. Here again, the attackers leverage the default setting of most operating systems that hides file name extensions, so that potential victims see only “.jpg” in the file name and click on it, considering it an image. In the sample the researchers analyzed, the file was named “1.KARABAKH.jpg.lnk,” possibly hinting at the attackers’ attempt to exploit the recent political situation to lure victims into clicking the file.

Once clicked, the malicious file drops an MSI installer that implants Rust-based malware alongside a decoy image file and an XML file for executing the implant.
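
The double-extension lure described above can be caught at a mail gateway or during file triage by comparing a file's name with its leading bytes. The following is an added example, not code from the article or from Deep Instinct; the extension lists, function names and sample entries are assumptions constructed for illustration.

```python
import os

# Shell Link header: HeaderSize 0x4C followed by the LinkCLSID
# 00021401-0000-0000-C000-000000000046 (MS-SHLLINK format).
LNK_MAGIC = bytes.fromhex("4c0000000114020000000000c000000000000046")

# Assumed lists for this example; tune them for your environment.
LAUNCH_EXTS = {".lnk", ".exe", ".scr", ".msi", ".js", ".vbs", ".bat", ".cmd"}
DECOY_EXTS = {".jpg", ".jpeg", ".png", ".gif", ".pdf", ".doc", ".docx", ".txt"}


def is_shell_link(head):
    """True if the leading bytes are a Windows shortcut header."""
    return head[:len(LNK_MAGIC)] == LNK_MAGIC


def classify(name, head=b""):
    """Return the reasons a file name/content pair looks like a disguised launcher."""
    findings = []
    # Windows ignores trailing dots and spaces, so normalise them away first.
    stem, ext = os.path.splitext(name.rstrip(". ").lower())
    inner = os.path.splitext(stem)[1]
    # With extensions hidden, "x.jpg.lnk" is displayed as "x.jpg".
    if ext in LAUNCH_EXTS and inner in DECOY_EXTS:
        findings.append("double-extension")
    # Content says shortcut but the name claims something else.
    if is_shell_link(head) and ext != ".lnk":
        findings.append("shell-link-content-mismatch")
    return findings


def scan(samples):
    """Map each flagged file name to its findings; clean files are omitted."""
    flagged = {}
    for name, head in samples:
        findings = classify(name, head)
        if findings:
            flagged[name] = findings
    return flagged


# Constructed sample data: (file name, first bytes of the file).
SAMPLES = [
    ("1.KARABAKH.jpg.lnk", LNK_MAGIC + bytes(56)),
    ("holiday.jpg", b"\xff\xd8\xff\xe0"),
    ("report.pdf", LNK_MAGIC + bytes(56)),
    ("Notes.lnk", LNK_MAGIC + bytes(56)),
]

if __name__ == "__main__":
    for name, findings in scan(SAMPLES).items():
        print(name, findings)
```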