WARNING OF A GDPR NON-COMPLIANT THEMED DATA STEALING MALWARE
Jul 17, 2018
Antuit Cyber Intelligence Research Team (“ACIRT”) has determined a possibility of GDPR Non-Compliant themed phishing campaign which distributes a Data Stealing malware.
The phishing email has a zipped attachment which contains a malicious Word document. It further downloads an executable which enables attackers to exfiltrate data from the targeted systems. Our analysis suggests that an unnamed Russian threat group is associated with this phishing campaign.
Since the last OOB report on 25th June 2018, ACIRT has gathered additional IOCs related to this campaign.
The Antuit Risk Rating for this Out of Band Notification is: HIGH
Analysis of captured threat actor footprints and correlation with external threat vectors indicates that this is a possible threat, and your organization is advised to take precautionary measures as highlighted in this report.