Security News > 2023 > July > RomCom hackers target NATO Summit attendees in phishing attacks
A threat actor referred to as 'RomCom' has been targeting organizations supporting Ukraine and guests of the upcoming NATO Summit set to start tomorrow in Vilnius, Lithuania.
BlackBerry's research and intelligence team recently discovered two malicious documents that impersonated the Ukranian World Congress organization and topics related to the NATO Summit to lure selected targets.
BlackBerry's analysis from that time said that the threat actors behind RomCom follow a rather globalized targeting approach, highlighting that Cuba ransomware has never inclined towards hacktivism.
In November 2022, the cybersecurity firm discovered a new RomCom campaign that abused software brands and used fake sites in English and Ukrainian to target unsuspecting victims with malicious installers.
The final step of the attack is to load the RomCom backdoor on the machine, which arrives in the form of an x64 DLL file named 'Calc.exe.
RomCom malware spread via Google Ads for ChatGPT, GIMP, more.
News URL
Related news
- Hackers Exploit AWS Misconfigurations to Launch Phishing Attacks via SES and WorkMail (source)
- DPRK Hackers Steal $137M from TRON Users in Single-Day Phishing Attack (source)
- Hackers Exploit Paragon Partition Manager Driver Vulnerability in Ransomware Attacks (source)
- YouTube warns of AI-generated video of its CEO used in phishing attacks (source)
- New ‘Rules File Backdoor’ Attack Lets Hackers Inject Malicious Code via AI Code Editors (source)
- Ukrainian military targeted in new Signal spear-phishing attacks (source)
- TechRepublic EXCLUSIVE: New Ransomware Attacks are Getting More Personal as Hackers ‘Apply Psychological Pressure” (source)
- Hackers Repurpose RansomHub's EDRKillShifter in Medusa, BianLian, and Play Attacks (source)
- Chinese FamousSparrow hackers deploy upgraded malware in attacks (source)
- North Korean hackers adopt ClickFix attacks to target crypto firms (source)