A cyber espionage campaign has been underway in the DPR, LPR and Crimea since 2021 targeting government, agricultural and transport organizations. such an explanation red blood cell Made in Kaspersky Lab. They use a new malware called CommonMagic.
First, the attack begins with the distribution of targeted phishing emails. They come to the victims on behalf of state institutions.
A user using the link could accidentally download a ZIP archive containing two files from a malicious web server. The first is a harmless deceptive document, usually in DOCX PDF or XLSX format, and the second is a completely harmless, double-extension malicious LNK file. Most often, this is for example: pdf.lnk.
If you download the archive and click the shortcut, the PowerMagic backdoor will enter the tool. It receives commands from a remote folder in the public cloud and uploads data from the device to the cloud.
PowerMagic remains on the system even after the infected device is rebooted. It is also used to distribute the CommonMagic malware platform; It consists of several modules. It can steal files from USB devices, as well as take a screenshot every three seconds and send it to criminals.
formerly chatbot ChatGPT learned creating viruses that target individual features of different operating systems and specific vulnerabilities.