- Jul 22, 2014
A Russian cyber-espionage group has tried to infect security researchers with malware via a spear-phishing campaign that can easily receive a Pwnie Awards nomination for one of the year's biggest epic fails.
This campaign was set in motion at the start of the month and targeted attendees of CyCon, a security conference organized by NATO’s Cooperative Cyber Defence Centre of Excellence (CCDCOE) and the Army Cyber Institute at West Point.
Oh, you silly APT28! Show some respect, will you!?!
Obviously, people who plan to participate in this conference are experts in cyber-security and well accustomed to basic spear-phishing campaigns, malware, and APT groups.
What did the Russian cyber-espionage group do in this case? Did it deploy an undetectable zero-day exploit that experts can't spot? No, of course not. It deployed spear-phishing emails containing Word documents laced with a basic macro script.
Mind you, security experts interested in attending CyCon are usually the people who will ramble for hours about never, ever enabling Word macros.
....