The results of a study conducted by employees of the Electronic Security Service (ESS) under the Ministry of Digital Development and Transport regarding a phishing attempt targeting the banking and public sectors have been announced.
Modern.az reports that ESS has released information on this matter.
It is reported that the Service's employees carried out reverse engineering operations (analysis conducted to understand the program's behavior and identify its components) on the detected malicious software, and as a result, identified additional indicators ("loc").
In the attack attempt, an encrypted script of "loader" type (used for loading malicious software onto the target computer system) embedded in a "Microsoft Excel" file, and malicious software named "Remcos" added to an image file via steganography (embedding hidden information inside a file) were used.
The general schematic description of the attack can be found via the following link.
