In July 2023, Russian companies faced mass sending of PyCrypter encryption virus via email. This was reported to socialbites.ca by the press service of the FACCT company specializing in information security.
It was noted that the mails affected companies in the industrial sector, transport enterprises, as well as organizations in the field of informatics. The emails were advertisements for a CryptoBOSS cryptocurrency client for “secure and completely anonymous access to all currencies.” The message was accompanied by a link to download the utility that actually led to the download of the RuCrypter encryptor.
FACCT noted that the mail was registered on July 9, 2023. The company’s automated email protection tools managed to catch and neutralize the email prematurely.
FACCT experts, as part of the investigation into the incident, determined that the domain name that went to the site where the RuCrypter virus was found was registered to a Gmail user with the username Vladimir Stoyanov, who was involved in such cyber attacks before. For example, in the fall of 2022 and in the spring of 2023, Vladimir Stoyanov sent another cryptographic virus, Cryptonite, by e-mail. In the past, letters were sent on behalf of Prime Minister Mikhail Mishustin.
Former analysts to solveThat Russians are less likely to buy antiviruses for PCs.