APT Hacking Groups From Russia, China and India Are Using a New RTF Format in Phishing Campaigns

State-based hacking groups from Russia, India and China have been observed to use the new Rich Text Format Template in their recent phishing campaigns.

RTF file is a document format created by Microsoft that can be opened using Microsoft Word, WordPad, and other applications found on almost all operating systems.

These files can also include a locally hosted RTF template, which specifies the document's format. Threat actors are abusing the functionality of being able to retrieve the RTF URL resource instead of a local file resource, which allows hackers to distribute malicious payloads via Word documents.

Read more...

Read More

Got Something To Say?

Your email address will not be published. Required fields are marked *