A malware campaign targeting cyber security researchers just doesn’t seem like a good idea.
You wouldn’t think malware targeted at the cyber security industry would be a good idea, but someone did it. That someone seems to be Russian hackers known as Group 74. Discovered by Cisco Talos, this campaign utilized a believable email.
The email that was sent to cyber security professionals was camouflaged as a promotional email from a real cyber security conference. The email appeared to come from The Cyber Conflict US conference, which is happening in November in Washington DC. The email employed verbiage and logos from the conference’s website.
This email carries with it an attachment which appears to be a flyer for the conference. But this flyer contains a malicious macro which will activate a new strain of the Seduploader malware. This malware is capable of taking screenshots, gathering data, executing code, and downloading files.
I wonder how many cyber security professionals might have fallen for this campaign? I doubt seriously that any would admit to it.