Tips To Avoid APT CommonMagic Attacks That Now Expand Targets
JAKARTA - Kaspersky researchers found the APT CommonMagic campaign to expand its target, from previously located in the Donetsk, Luhansk, and Crimea regions, has now been expanded to individuals, diplomatic entities, and research organizations in Western and Central Ukraine.
Kaspersky's research identified at least 9 modules in this framework, each of which was responsible for different malicious activities such as collecting files, keylogging, capturing screenshots, recording microphone inputs, and stealing passwords.
In particular, Kaspersky revealed that one of the modules focuses on browsing data from the Gmail account. By extracting Gmail cookies from the browser database, these modules can access and smuggle activity logs, contact lists, and all email messages related to the targeted account.
To avoid being a victim of attacks targeted by known or unknown threat actors, Kaspersky researchers recommend implementing the following steps: