Detection and Delivery
In July 2024, a new cyber threat named CMoon was identified by Kaspersky Lab’s threat monitoring systems. This sophisticated worm was discovered on a legitimate website of a company offering gasification and gas supply services in Russia. The attackers cleverly replaced legitimate document download links with malicious executable files disguised as regulatory documents in various formats such as .docx, .xlsx, .rtf, and .pdf, but with an additional .exe extension. These files were presented as self-extracting archives containing both the genuine document and the malicious code.
Exclusive Access: Unlock Premium, Confidential Insights
Unlock This Exclusive Content—Subscribe Instantly!
Login if you have purchased
