Proofpoint: Hackers are increasingly hacking into PCs of text documents
Hackers have begun to infiltrate victims' computers more often using infected RTF files. This was reported in a report by the cybersecurity company Proofpoint.
In their study, experts noted the increasing incidence of hacking of PCs using RTF text documents. Such files are updated in such a way that after reading them, a specific url link is opened. After that, attackers can install malware on the victim's computer without attracting attention.
The description of this hacking method says that it is most often used when attacking corporate users and various enterprises. This is due to the fact that company employees often exchange text documents on their work. Also, antiviruses usually ignore the infected RTF file. “This is not a complicated method – it is simple and reliable to use,” the authors of the report noted.
Experts suspect hackers in the distribution of such letters that are in contact with various interested parties from Russia, China and India. In particular, Proofpoint engineers caught the Leviathan and Gamaredon groups using a similar method, which are associated with the Chinese government and the Russian security forces.
At the end of November, Proofpoint experts said that the North Korean hacker group Kimsuky was targeting political scientists exploring the DPRK and scientists. Cybercriminals send phishing emails on behalf of prominent Russians in the industry.