Group-IB recorded malicious mailings allegedly on its own behalf to Russian companies and government agencies. According to the company, they occurred from July 1 to 3. It is reported by RIA Novosti.
Group-IB recorded malicious mailings to Russian companies
The subject of the malicious email was “New security rules in our company – compliance”.
The address from which the letter came contained the name of the company Group-IB. In the text of the mailing, a certain “business security specialist” warns of a July 3 meeting with the Group-IB team and mandatory attendance for all employees. He also offers to follow the link, fill out an application and get acquainted with the materials related to the meeting.
Such a person does not work in Group-IB. The link in the letter leads to the automatic download of the archive, which contains the malicious file. Under the guise of a doc file is an rtf document. After opening it, a malicious program starts and access appears for remote control of the infected device.
Malicious emails were detected and neutralized by Group-IB’s sophisticated cyber threat prevention system. The company added that its response center promptly warned customers about the threat.