The current hackbull was recently discovered to have one or more targets.
According to a blog post, Russian-speaking organizations in Central Asia speak
From Fire Eye Laboratory.
After a successful infection, Hawksball attacks the attacker indefinitely
Enter a level of malicious skill and type: Blogger Fire
Swapnil Patil is a corrupt researcher. This includes searching for a host
Gathering information from victims; Bonus distribution; Creation:
It is said that the standard window command has been executed. The process is over.
Create, delete, upload files. Specify the unit.
The attackers used malicious phishing documents as a background
Focus and claim to be an anti-terrorism agency
The Soviet Republic created an independent republic
Status: Incomplete document name translated from Russian
English is a collection of counterterrorism advice
Federal Security Services Special Services
Benjamin Reid, Director-General for Cybercrime.
Fire Eye scientists believe that malicious files can be used
February 2019. I have no idea what my goals are.
But consider it interesting content
Deleting the wrong file can affect the affected chain
sent with the previous two Microsoft Office documents
Vulnerability Related Vulnerability – CVE-2017-11882 (Available in Microsoft Office Suite)
Server 3 settings, Microsoft Office 2010 Service Pack 2, Microsoft Office
Office Suite 2013 and Microsoft Office 2016) and CVE-2018-0802
(compatible editor for Microsoft Office 2007, 2010, 2013 and 2013)
Hawkball communicates via HTTP via a composite C2 server.
decide on individual data, including computer names
name, IP address, OEM site, configuration file system, information technology and more.
There are at least two steps to achieve this
SC Media contacted FireEye to learn more about the Hawkball attack.