Hackers are using Russian domains to launch complex document-based phishing attacks

Posted by:
Olivia Smith
Thu, 26 Dec

New research reveals a surge in malicious email activity and a shift in cyber attack tactics, with a concerning rise in Remote Access Trojans (RATs) and increasing use of malicious domains linked to Russia.
A recent study found that at least one malicious email manages to bypass Secure Email Gateways every 45 seconds, marking a significant increase from previous rates. Remote Access Trojans, particularly the Remcos RAT, are on the rise, allowing cybercriminals to infiltrate systems, steal data, and launch further attacks.
Phishing campaigns are now using open redirects to send users to malicious websites, with a 627% increase in their use. Malicious Office documents in .docx format have also seen a dramatic spike, luring victims with phishing links or QR codes. Notably, cybercriminals are now turning to Russian top-level domains such as .ru and .su to avoid detection and complicate tracking efforts.
This shift in tactics underscores the evolving landscape of cyber threats, posing challenges for organizations and security teams in combating data exfiltration and malware delivery.
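
For defenders triaging the .docx lures described above, the following added example (not from the study or the original post) lists the external link targets stored in a document's relationship parts and flags .ru/.su hosts and open-redirect-shaped URLs. The hosts, the size cap and the reason labels are assumptions made for illustration, and QR code images are not decoded.

```python
import io
import zipfile
import xml.etree.ElementTree as ET
from urllib.parse import parse_qsl, urlsplit

FLAGGED_TLDS = (".ru", ".su")   # the TLDs the article names
MAX_PART = 1_000_000            # assumed cap on a .rels part, against zip bombs
REL = "{http://schemas.openxmlformats.org/package/2006/relationships}Relationship"

def docx_external_urls(data: bytes) -> list[str]:
    """Collect external link targets from every .rels part of a .docx."""
    urls = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if not info.filename.endswith(".rels") or info.file_size > MAX_PART:
                continue
            # Stdlib parser for portability; prefer defusedxml on untrusted mail.
            for rel in ET.fromstring(zf.read(info)).iter(REL):
                if rel.get("TargetMode") == "External":
                    urls.append(rel.get("Target", ""))
    return urls

def triage_url(url: str) -> list[str]:
    """Return the reasons a link deserves analyst attention (empty if none)."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    reasons = ["flagged-tld"] if host.endswith(FLAGGED_TLDS) else []
    # Open-redirect shape: a query value that is itself a URL on another host.
    for key, value in parse_qsl(parts.query):
        inner = (urlsplit(value).hostname or "").lower()
        if inner and inner != host:
            reasons.append(f"redirect-param:{key}")
            if inner.endswith(FLAGGED_TLDS):
                reasons.append("redirect-target-flagged-tld")
    return reasons

def sample_docx() -> bytes:
    """Constructed sample: a minimal archive holding one hyperlink relationship."""
    rels = (
        '<Relationships xmlns="http://schemas.openxmlformats.org/package/2006/relationships">'
        '<Relationship Id="rId1" Type="hyperlink" TargetMode="External" '
        'Target="https://portal.example.com/out?url=https%3A%2F%2Fdocs.example.su%2Finv"/>'
        '<Relationship Id="rId2" Type="styles" Target="styles.xml"/>'
        "</Relationships>"
    )
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("word/_rels/document.xml.rels", rels)
    return buf.getvalue()
```

A hit is a triage signal, not a verdict: legitimate services also pass URLs in query parameters, so flagged links still need analyst review.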
