Expert: Hackers send malware disguised under Belarusian protests
MOSCOW, Aug 21 (PRIME) -- Group-IB, which specializes in the prevention of cybercrime, has detected mailings of the TinyPosh Trojan sent to Russian banks under the guise of the Belarusian protests, purportedly on behalf of the Minsk tractor works MTW-Holding, a Group-IB spokesperson told PRIME on Friday.
“The cybercriminals use the Belarusian protests to send the Trojan virus TinyPosh. On the morning of August 19, the CERT-GIB team registered a malicious mailout to Russian financial institutions on behalf of MTW-Holding,” the cybersecurity company said in a statement.
“The dangerous letters, numbering over 50, were discovered and neutralized by Group-IB’s Threat Detection System (TDS), a system for the prevention of sophisticated cyberthreats.”
When a recipient attempted to open the file attached to the letter, the malware was uploaded to the computer and installed.
“In fact, the perpetrators get remote access to a user’s computer that can be used as a floor to explore, collect data, and move forward in the institution’s network,” the experts said.