Recently, a short, simple email with a suspicious RTF attachment, sent to a telecommunications agency in South Asia, caught the attention of FortiGuard Labs. The email was disguised as coming from a division of the Pakistani government and delivered the PivNoxy malware.

This threat targets Windows platforms, putting users of that platform at risk. The document, which arrives attached to a malicious email, is in RTF format and is understood to have been generated with a tool called Royal Road, a phishing “weapon” believed to be used by various APT threat actors based in Asia. Also known as the 8.t RTF exploit builder, Royal Road allows APT groups to create RTF files with embedded objects that can exploit vulnerabilities in Microsoft Word to infect targets.
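
For defenders triaging attachments of this kind, the following added example (not code from FortiGuard Labs or from the original post) lists the embedded objects in an RTF file by decoding each `\objdata` destination and reading the class name from its OLE1 header. The function names are this example's own, and the sample document is constructed and inert.

```python
import re
import struct

OLE2_MAGIC = bytes.fromhex("d0cf11e0a1b11ae1")  # OLE2 compound-file signature

def _lpas(buf, off):
    """Read an OLE1 length-prefixed ANSI string at off."""
    (n,) = struct.unpack_from("<I", buf, off)
    return buf[off + 4: off + 4 + n].rstrip(b"\x00").decode("latin-1")

def triage_rtf(data: bytes):
    """Return one finding per \\objdata destination in an RTF file."""
    findings = []
    if not data.lstrip().startswith(b"{\\rt"):
        return findings  # no RTF header, nothing to report
    for m in re.finditer(rb"\\objdata\b([^{}]*)", data):
        hexrun = re.sub(rb"\s+", b"", m.group(1))  # line breaks are legal in hex data
        digits = re.sub(rb"[^0-9a-fA-F]", b"", hexrun)
        blob = bytes.fromhex(digits[: len(digits) // 2 * 2].decode())
        info = {
            "offset": m.start(),
            "bytes": len(blob),
            "clean_hex": digits == hexrun,   # False: junk mixed into the hex stream
            "objupdate": b"\\objupdate" in data,  # file asks for an object update on display
            "ole2_inside": OLE2_MAGIC in blob,
            "format_id": None,  # OLE1 FormatID: 1 = linked, 2 = embedded
            "class": None,
        }
        try:
            _version, info["format_id"] = struct.unpack_from("<II", blob, 0)
            info["class"] = _lpas(blob, 8)
        except struct.error:
            pass  # too short to hold an OLE1 header; keep the size-only finding
        findings.append(info)
    return findings

def build_sample() -> bytes:
    """Constructed, inert sample: a 'Package' object holding 4 filler bytes."""
    native = b"TEST"
    ole1 = (struct.pack("<II", 0x0501, 2) + struct.pack("<I", 8) + b"Package\x00"
            + struct.pack("<II", 0, 0) + struct.pack("<I", len(native)) + native)
    hexed = ole1.hex().encode()
    return (b"{\\rtf1{\\object\\objemb\\objupdate{\\*\\objclass Package}"
            b"{\\*\\objdata " + hexed[:20] + b"\r\n" + hexed[20:] + b"}}}")

if __name__ == "__main__":
    for finding in triage_rtf(build_sample()):
        print(finding)
```

An embedded object in an unsolicited RTF attachment, especially with `clean_hex` false or an unexpected class name, is a reason to quarantine the file for analysis rather than a verdict on its own.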

Be careful with threats of this type, as they target your information and can have a serious impact.

