Threat Intelligence Report EclecticIQ Report: Targeted Attacks Against Russian Service Center (English)

Fortinet reported a series of attacks targeting service centers in Russia. The service centers provide maintenance and support for a variety of electronic goods.

Report from the EclecticIQ Fusion Center, dated Tuesday 12 June 2018.

Key Findings:

Targeted phishing attempts falsely claiming to be from a Samsung company.

Language in the emails is likely machine-translated and not written by a native Russian speaker.

Lure documents exploit CVE-2017-11882.

Payload is a cracked version of the legitimate "Imminent Monitor" Remote Admin Tool.
