APT Hacking Groups From Russia, China and India Are Using a New RTF Format in Phishing Campaigns

State-based hacking groups from Russia, India and China have been observed to use the new Rich Text Format Template in their recent phishing campaigns.

RTF file is a document format created by Microsoft that can be opened using Microsoft Word, WordPad, and other applications found on almost all operating systems.

These files can also include a locally hosted RTF template, which specifies the document's format. Threat actors are abusing the functionality of being able to retrieve the RTF URL resource instead of a local file resource, which allows hackers to distribute malicious payloads via Word documents.


Read More

Got Something To Say?

Your email address will not be published. Required fields are marked *