Security News > 2024 > August > New Cyber Threat Targets Azerbaijan and Israel Diplomats, Stealing Sensitive Data

A previously unknown threat actor has been attributed to a spate of attacks targeting Azerbaijan and Israel with an aim to steal sensitive data.

The attack campaign, detected by NSFOCUS on July 1, 2024, leveraged spear-phishing emails to single out Azerbaijani and Israeli diplomats.

"Actor240524 possesses the ability to steal secrets and modify file data, using a variety of countermeasures to avoid overexposure of attack tactics and techniques," the cybersecurity company said in an analysis published last week.

The attack chains commence with the use of phishing emails bearing Microsoft Word documents that, upon opening, urge the recipients to "Enable Content" and run a malicious macro responsible for executing an intermediate loader payload codenamed ABCloader.

"Its main function is to determine the running environment, decrypt the program, and load the subsequent DLL," NSFOCUS said.

Some of the prominent functions of ABCsync are to execute remote shells, run commands using cmd.

News URL

https://thehackernews.com/2024/08/new-cyber-threat-targets-azerbaijan-and.html