02-05-2019, 12:09 PM
Pro-Tibetan groups are in the sights of a targeted malware campaign. Security researchers from Cisco Talos reported that that this malware comes in the form of a PowerPoint doc that contains a RAT [Remote Access Trojan] that is capable of taking system and personal information from the computer and/or user thereof.
The malware was using a specific vector of attack; it used a mailing list used by a Tibetan news outlet. Researchers were able to conclude that the attackers were altering the standard Reply-to-Header so that responses would be sent back to an email address controlled by the attackers.
A connection was discovered by researchers between this incident and Lucky Cat, a Android and Windows based Trojan.
This incident was concluded as an espionage run and not for financial gain.
Original article can be found here.
That was the news folks, have a good week, and stay safe out there.
--Mad-Architect