Hacking group targeting cybersecurity professionals

A hacking group known as Group 74 is targeting professionals in the cybersecurity community with a fake conference document.

The campaign uses a macro embedded in an advert for the Cyber Conflict U.S. Conference (CYCON) that’s directly aimed at IT pros.

The lure is convincing enough that even trained pros might fall for it, as CYCON is a well-known conference.

The document contains text taken directly from the conference’s website.

A sign that points to Group 74’s involvement is the kind of malware used: Seduploader.

The malware, once on a computer, can capture screenshots, exfiltrate data, execute code and download more malicious files.

Since the virus was embedded within an otherwise legitimate Office document, researchers looking into the campaign believe that Group 74 wanted the virus to remain hidden as long as possible.

Lately, there has been a resurgence of attacks that are using old tactics, but creatively reinvented to target new victims who might be unfamiliar with older methods.