Ashwin Ragav’s Post


CEO at Speclar | Founder at Astra Cybersec | CTO at Teenvisor | Cybersecurity Researcher | Teen Entrepreneur & Ethical Hacker | Blockchain Enthusiast | Public Speaker & Social Activist | Building the Next Unicorn

A previously unknown threat actor has been attributed to a spate of attacks targeting Azerbaijan and Israel with an aim to steal sensitive data. The attack campaign, detected by NSFOCUS on July 1, 2024, leveraged spear-phishing emails to single out Azerbaijani and Israeli diplomats. The activity is being tracked under the moniker Actor240524. "Actor240524 possesses the ability to steal secrets and modify file data, using a variety of countermeasures to avoid overexposure of attack tactics and techniques," the cybersecurity company said in an analysis published last week. The attack chains commence with the use of phishing emails bearing Microsoft Word documents that, upon opening, urge the recipients to "Enable Content" and run a malicious macro responsible for executing an intermediate loader payload codenamed ABCloader ("MicrosoftWordUpdater.log"). In the next step, ABCloader acts as a conduit to decrypt and load a DLL malware called ABCsync ("synchronize.dll"), which then establishes contact with a remote server ("185.23.253[.]143") to receive and run commands.

Hariom Singh

Penetration Tester || Security Researcher || Cyber Security Enthusiast

1mo

If these threat actors have that level of skill, why don't they just earn money by doing legal work? What's wrong with that?
