Hackers located in Russia are employing a cutting-edge code execution method that makes use of mouse movements in Microsoft PowerPoint presentations to launch malicious PowerShell scripts. For utilising Zoom’s translation capability, the download contains two slides with instructions in both English and French.
According to a research by Cluster25, the threat actor APT28, also known as FancyBear, which is connected to the Russian GRU, utilised the novel method to spread the Graphite malware this month. According to the researchers, the targets include organisations operating in the EU and Eastern Europe’s government and defence sectors. Read More…