Information security experts from BI.ZONE reported Newspaper “Izvestia”It has been revealed that a new hacker group called Sticky Werewolf is attacking government organizations in Russia and Belarus. The group started its operations in April and has carried out more than 30 attacks so far. To create phishing emails, attackers use commercial malware (software). The number of cyber attacks on complex electronic devices has increased one and a half times.
Oleg Skulkin, head of the BI.ZONE cyber intelligence department, explained that attackers create links for fake emails using the IP Logger service. This service allows you to collect information about users who click on links, including click time, IP address, country and city, browser version and operating system. This helps the Sticky Werewolf filter out systems they are not interested in and focus on attacking the highest priority targets.
Security experts say links in emails lead to malicious files with .exe or .scr extensions that disguise themselves as Word or PDF documents. For example, the administration of the Krasnoyarsk Territory was attacked in this way after attackers sent a fake alert from the Ministry of Emergencies. Similar attacks were carried out on the Brest Executive Committee (under the guise of a document from the Belarusian Prosecutor General’s Office) and the Moscow Savelovsky Court.
Igor Bederov, head of the information and analytical research department of the company T.Hunter, believes that this group may operate from the Ukrainian side, which explains their distribution of spyware in the bodies of the Union State.
Previously in Poland detained The Belarusian is suspected of spying for Russia.