Republic of Kazakhstan - Cyberattack was carried out on the e-government portal
Cyberattack was carried out on the e-government portal
July 9, 2021, 12:07 398 # by the way Write to the author
The malware was distributed using a "watering hole" attack.
A cyber attack has been made on the eGov.kz electronic government portal, the press service of the Zerde National Infocommunication Holding JSC reports.
"Malicious software, the so-called Razy family, has been detected. Samples of the Razy family are a Trojan downloader that masquerades as an office document (Word, Excel and Adobe PDF) to infect users. Often, attackers distribute Razy using a method in which malicious The software is located on the official sites. Thus, the attacker achieves the effect of trust on the part of a potential victim, "the message says.
The domestic antivirus company T&T Security, together with the Zerde holding, analyzed several cases, but those that were disseminated by the "watering hole attack" method through the eGov portal deserve special attention. In such attacks, attackers place malware on sites where potential victims often visit and wait for it to hit their computers.
“Attackers gained access to uploading files to the site and published malicious software under the guise of office documents. The first document is a resolution of the district akimat, and the second document is a financial summary of the akimat’s budget. by embedding it in the final malicious file, "the press service noted.
Specialists have already blocked malicious content using the leading new type of cyber threat protection product - tLab. This system operates on a zero-trust principle, relying on deep behavioral analysis, and high throughput allows tens of thousands of files to be analyzed per day without filters or whitelisting, effectively blocking such threats, even using a "watering hole" attack.
"It should be noted that the tLab system is used as part of the Cyber Shield of the Republic of Kazakhstan, which means that it is safe to say that the state is ready to repel such threats," the message says.
July 9, 2021, 12:07 398 # by the way Write to the author
The malware was distributed using a "watering hole" attack.
A cyber attack has been made on the eGov.kz electronic government portal, the press service of the Zerde National Infocommunication Holding JSC reports.
"Malicious software, the so-called Razy family, has been detected. Samples of the Razy family are a Trojan downloader that masquerades as an office document (Word, Excel and Adobe PDF) to infect users. Often, attackers distribute Razy using a method in which malicious The software is located on the official sites. Thus, the attacker achieves the effect of trust on the part of a potential victim, "the message says.
The domestic antivirus company T&T Security, together with the Zerde holding, analyzed several cases, but those that were disseminated by the "watering hole attack" method through the eGov portal deserve special attention. In such attacks, attackers place malware on sites where potential victims often visit and wait for it to hit their computers.
“Attackers gained access to uploading files to the site and published malicious software under the guise of office documents. The first document is a resolution of the district akimat, and the second document is a financial summary of the akimat’s budget. by embedding it in the final malicious file, "the press service noted.
Specialists have already blocked malicious content using the leading new type of cyber threat protection product - tLab. This system operates on a zero-trust principle, relying on deep behavioral analysis, and high throughput allows tens of thousands of files to be analyzed per day without filters or whitelisting, effectively blocking such threats, even using a "watering hole" attack.
"It should be noted that the tLab system is used as part of the Cyber Shield of the Republic of Kazakhstan, which means that it is safe to say that the state is ready to repel such threats," the message says.
