Washington – Cybercriminals have launched a phishing e-mail campaign by targeting their victims with e-mail messages including, as an attachment, a photo of the Smacs 0723 galaxies sent by the James-Webb telescope, which photo hides malware, warn experts in cybersecurity.
Right now, the spectacular photos of the universe taken by the James-Webb Space Telescope are attracting attention and cybercriminals have understood this. This is how they developed a phishing campaign using the photos of the telescope as a vector, they explain.
The fraudulent message includes code implanted in the image and written in Golang. It is a popular programming language among hackers because it has the advantage of being difficult to identify and it works on almost all systems, it is explained, noting that the victim will receive an email which includes an attachment and a Word document which, once opened with the text editor and if the automatic execution of macros is activated in Word, the malicious code is repatriated while displaying in the document the magnificent photo of the Smacs 0723 galaxies published last July. From this moment, the malware is connected to its encrypted server.
This maneuver would then only be a first step for the pirates. The rest remains unclear and experts do not know what the final objective of these attacks is. The campaign targeted victims in different countries and the payloads were not always the same, it adds.
Cybercrime experts warn that, as always, the presence of a Word file as an attachment accompanying an email encouraging you to open it should inspire the greatest suspicion.