JAKARTA - Cybersecurity firm Kaspersky detected a series of complex attacks targeting various large organizations in China, Japan, Malaysia, Peru, and Russia from the second half of 2024 to 2025.
These attacks leverage legitimate services such as GitHub, Microsoft Learn Challenge, Quora, and social media to hide malicious code.
The attacks were carried out through spear-phishing emails disguised as official communication from state-owned companies, especially in the financial and oil and gas sectors.
Attachments in the emails include archives containing EXE and DLL files that look like PDF documents but actually contain malware. Once run, the malware launched the Cobalt Strike Beacon.
This attack then allowed hackers to remotely control the system, steal data, and maintain access to victims' networks.
Responding to this attack, Kaspersky advised organizations to implement the following security measures:
"Cybercrime is now increasingly sophisticated, leveraging legitimate platforms and disguising old tools with new techniques. The organization must remain vigilant and continue to follow the development of threat intelligence," said Maxim Starodubov, Head of the Malware Analyst Team at Kaspersky.