Government agencies in Croatia have been targeted with a never-before-seen malware payload named SilentTrinity.
- A mysterious hacker group targeted, and most likely infected, Croatian government employees between February and April this year.
- Emails contained a link to a remote website with a lookalike URL, where users were asked to download an Excel document.
- The document was laced with malicious code packed as a macro script, which appeared to have been largely copied off the internet.
- The macro script, if enabled by the victim, would download and install malware on their systems.
— Techie Buzz (@buzz_techie) July 8, 2019
Javvad Malik, Security Awareness Advocate at KnowBe4:
“While this attack has malware embedded in a document, it is largely reliant on being able to trick users into clicking the phishing link to the document as well as having macros enabled to automatically run. This is why user awareness training plays such an important role in preventing phishing and other social engineering attacks from being successful.