At this time, the Spectacular Taken by Spatial Get attention and cybercriminals understand this. This is how a phishing campaign was created using telescope photos as a vector. That’s what cyber security experts say Identified and named Go#Webbfuscator.
“Go”, because the code embedded in the image is written in Golang. It is a popular programming language among hackers because it is hard to identify and works on almost all computers. The victim receives an email attaching a .Word document called Geos-Rate.docx.
Malware hides in the picture
If automatically activated when the document is opened with a text editor Executed in Word, the malicious code is returned when displaying its awesome photo in the document. Smacs 0723 was released last July. From that moment, the Connected to its encrypted server.
This ploy will only be a first step for the pirates. The rest is unclear and experts don’t know what the ultimate purpose of these attacks is. It must be said that the campaign targeted victims in different countries and the payloads were not always the same.
As always, having a Word file as an attachment, accompanied by an email urging you to open it, should arouse the greatest suspicion. As well as, when For downloaded files, automatic activation by the user is still a very bad idea.Activation is disabled by default