The Ghostwriter Advanced Persistent Threat (APT) group has targeted Ukrainian government and Belarusian opposition groups since 2024, using sophisticated cyber-espionage methods. The group uses weaponized Excel files with malicious macros to deliver malware payloads. Ghostwriter, linked to Belarus’s government, employs phishing emails and lures victims into enabling macros, eventually deploying a downloader malware variant known as PicassoLoader. Specific tactics include creating decoy Excel files and verifying client profiles to ensure only intended victims receive harmful payloads.
Fake Job Interviews Used to Spread Crypto-Stealing Malware
A cyber scam targeting job seekers in the Web3 industry has been discovered, orchestrated by Russian group Crazy Evil. The attackers lured victims to fraudulent
