From thehackernews.com
Cybersecurity researchers have disclosed details of a threat actor known as Sticky Werewolf that has been linked to cyber attacks targeting entities in Russia and Belarus.
The phishing attacks were aimed at a pharmaceutical company, a Russian research institute dealing with microbiology and vaccine development, and the aviation sector, expanding beyond their initial focus of government organizations, Morphisec said in a report last week.
“In previous campaigns, the infection chain began with phishing emails containing a link to download a malicious file from platforms like gofile.io,” security researcher Arnold Osipov said. “This latest campaign used archive files containing LNK files pointing to a payload stored on WebDAV servers.”