< img src = "/uploads/blogs/ec/9b/ib-FS1648n2t_237c6fc9.jpg" Alt = "Chinese hackers attacked the Russian government with an updated RAT virus"/> ~ ~ < p >
< P _ngcontent-serverApp-C68 Mongol governmental institutions. They use the updated version of harmful software Mysterysnail Rat, built into fake Word documents to obtain remote control over infected devices. 0 ~/p > ~ > 62 ~ 62 < p >
< h2 class = "News-Subtitle CKE-MarkUp" > Best Friends < p > Ironhusky is not the first time using this software in their spy campaigns, but researchers have found a new activity of this group during the analysis of fresh cyberincyders. Hackers spread the harmful code through the changed script disguised as a Word file. After the document is opened & nbsp; < strong >The infected computer; Rsquo; Uutter unnoticed a new software that provided the presence in the system , reports & nbsp; 24 channel & nbsp; nbsp; nbsp; nbp; < p > one of the detected software & ndash; This is an intermediate backdress that allows you to forward files from a broken device to the Ironhusky server, to run command shells, to create new processes, to delete files and to perform other actions.
~ < p > Found viral files leave traces similar to the Mysterysnail Rat, first described in 2021. It was then built into the infected system as a background service. Now the researchers have recorded the appearance of & nbsp; < strong > lighted the one -component version of the virus, which they called the mysteryMonosnail . This new version of RAT supports dozens of commands.
< p >Virus operators can manage services on an infected device, execute commands from a command line, run or stop processes, operate files and perform other actions that give full control over computer; Rsquo; Rsquo; Victim Week.
~ ~ ~ ~ > < P > When the Mysterysnail Rat was discovered for the first time, it & nbsp; < strong > was directed against IT companies, defense contractors and diplomatic institutions in Russia and Mongolia . Then Ironhusky distributed harmful software through zero -day expression that used vulnerability in Windows core drivers.< p > Ironhusky group itself in the field of view of researchers worldwide in 2017. She then carried out attacks aimed at collecting information about military negotiations between Russia and Mongolia. In 2018, they were again activated using other vulnerability in Microsoft Office, which was also operated by other Chinese groups, Plugx and Poison.
< p > It should be noted that the discovery, study and description of the new virus and this attack were engaged in the Russians themselves, namely the “Casper Laboratory”. That is & nbsp; < strong > they know that China, their closest ally in the war against Ukraine, arranges cyberattacks for government resources . However, this, apparently, is a reasonable price for Russia at which they are ready to close their eyes in exchange for the help provided by Beijing. For example, a week ago President Zelensky stated that & nbsp; China supplies to Russia weapons, including gunpowder and artillery, and can produce it in Russian territory. < Br />0 > 62 ~ > 62 > 62 > 62 > 62 >