Threat Intelligence Report
EclecticIQ Report: Targeted Attacks Against Russian Service Center (English)
Fortinet reported a series of attacks targeting service centers in Russia. The service centers provide maintenance and support for a variety of electronic goods.
Report from the EclecticIQ Fusion Center, dated Tuesday 12 June 2018.
Targeted phishing attempts, falsely claiming to be from a Samsung company.
Language in emails likely machine translated and not written by a native Russian speaker.
Lure documents exploit CVE-2017-11882.
Payload is a cracked version of legitimate "Imminent Monitor" Remote Admin Tool.