Threat activity was identified after malicious spam attacks were observed at organizations in Turkey. Researchers at Sophos, a developer and security vendor, found that the attackers used Microsoft Excel as cover, relying on its formulas to deliver the malware payload.
The threat actors targeted victims in Turkey using malspam emails written in Turkish. The spam author had a strong command of the Turkish language and its grammar. All the indicators, and the credibility of the hypothesis, lead to the conclusion that both the attacker and the victims are from the same country, Turkey.
Researchers also suspected that this method of attack might go global. It was a successful idea that could eventually infiltrate the entire crimeware ecosystem. Cybercriminals do not usually use this method, but they can leverage it just like any other tool in the toolbox.
The attack in Turkey was not sophisticated from any angle. It simply delivered an email message with an Excel file attachment. The file carried the attack in the formula bar, which went unnoticed by many. These methods are evolving, and people are not noticing them.
Almost everyone is exposed to online privacy risks. People are vulnerable to phishing and malware attacks and are increasingly being attacked. Privacy enthusiasts recommend taking precautionary measures to avoid eavesdropping by ISPs, governments, and cybercriminals.
Many phishing tricks have been revealed, and many sample emails have been recovered. Many follow the same principle of luring the victim into the email. The analysis revealed that the emails were generated by a random builder which selected the victims randomly.
Researchers said that the attacks were more mechanical before the attacker started using cryptic texts. Furthermore, Windows programs were found hosting the malware payload on additional servers.
The files were not downloaded by the Excel files; instead, they were placed on the servers by the threat actors. There is no reason to store the malicious files on the servers; only the executables, which turned out to be the malicious attachments, spread the malspam message.
This tool has SMTP functionality, which is there to send out malspam with the attachment.
Although complete privacy online is hard to achieve, everyone should strive for it, either by limiting their use of the internet or by using tools which guarantee security online.
The malware incident that happened in Turkey could hit the US next. Although Americans are paranoid about protecting their data online, 40% still have no idea what the GDPR laws are.
People feel really uncomfortable when they learn which websites are retaining their personal information. Thank god GDPR laws are here and breaches of online privacy are punishable. On one side, people are eager to protect their data and see its retention as an attack on their privacy, while on the other, half of them hardly know about the California Consumer Privacy Act (CCPA).
Data protection is the key to survival. It is just like the protection of your own physical self. How can you allow someone to read or watch what you are doing online? It just doesn’t sound fair.