Two Kazakhstani Security Firms have discovered malware on systems hosting eGov.kz, the Kazakhstan government web portal that citizens use to conduct business such as file taxes. When visitors to the website attempt to download some documents, the website instead downloads an executable file and prompts the user to run it. If the downloaded file is executed, it installs Razy malware. Razy is reported to target users’ crypto-currency accounts in an attempt to steal funds. The Researchers at T&T (Russian Language) point out the relatively simplistic nature of this attack where the actors used old malware samples with a few changes for logistics and phishing purposes. The researchers assume that the attack is limited to credential harvesting for financial gain.
12 Essentials for a Successful SOC Partnership
As cyber threats continue to impact businesses of all sizes, the need for round-the-clock security