Kaspersky Lab, which specializes in developing systems to protect against cyber threats, reported a fraudulent mailing on behalf of The Federal Service for Supervision of Communications, Information Technology and Mass Media (Roskomnadzor), which has become widespread in Russia
In April, Kaspersky Lab uncovered a series of cyber attacks on system administrators of sites in Russia. By April 23, the company detected about 4 thousand emails containing fraudulent messages sent to more than 2 thousand e-mail addresses. The mailing peaked on April 16-17, but the messages are still coming in.
The purpose of the cyber attack is to infect web resources managed by sysadmins and gain access to the site management. If successful, hackers will be able to create pages, post any information and download files.
Under the guise of a regulatory authority, intruders are sending fraudulent notifications about the need to confirm the fact of domain name management.
The letter contains instructions according to which it is necessary to create a file with specified content in the root directory of the site. In reality, the sysadmin runs a Trojan program with his own hands to remotely control the victim's computer.
"To confirm that you have the actual ability to manage the domain name, create a file (with the .php extension) in the root directory of the site", says the text of the fraud letter.
"In order not to give the recipient time to suspect something wrong, he was required to execute the instruction in a short time - within three days", said Alexander Liskin, head of Kaspersky Lab's antivirus research laboratory.
"Site administrators are often subjected to attacks, for ..
Support the originator by clicking the read the rest link below.
