TLDR:
- Previously unknown threat actor, Actor240524, targets Azerbaijan and Israel diplomats in cyber espionage campaign
- Attack utilizes phishing emails to deliver malware and steal sensitive data
A previously unknown threat actor known as Actor240524 has been discovered carrying out a cyber espionage campaign targeting diplomats from Azerbaijan and Israel. The attack, detected by NSFOCUS on July 1, 2024, involves spear-phishing emails that lead to the deployment of malware designed to steal sensitive data. The attack chain includes the use of phishing emails with malicious Microsoft Word documents that prompt recipients to enable content and run a macro, ultimately leading to the execution of malware payloads. The Actor240524 group utilizes various techniques to avoid detection and exfiltrate data, highlighting the importance of cybersecurity measures to prevent such attacks.
The attack is believed to be aimed at disrupting the cooperative relationship between the two countries and highlights the ongoing threats faced by diplomats and sensitive government entities. As cyber threats continue to evolve, organizations must remain vigilant and implement robust security measures to protect against such attacks.