The Silver Fox group has launched a new phishing campaign targeting entities in India and Russia. The attackers use tax-related lures to deceive victims, leveraging fiscal urgency. The goal is to distribute ABCDoor, malware that enables remote access and data theft. The strategy exploits trust in official communications to infiltrate corporate and government systems.
ABCDoor: the backdoor that operates in silence 🕵️
ABCDoor is a remote access trojan designed to operate without raising suspicion. Once installed, it establishes connections with command-and-control servers, allowing attackers to execute commands, exfiltrate documents, and monitor activity in real time. Its distribution via tax-themed file attachments exploits workplace routines. The infection is persistent and difficult to detect without advanced security tools.
Taxes: the perfect bait to not declare your data 😅
It seems Silver Fox discovered that nothing scares a company more than a tax audit. So, instead of using kitten pictures or promises of Nigerian inheritances, they decided to send emails about overdue taxes. The irony is that while victims try to save their tax return, they end up giving away their credentials. At least, if your data gets stolen, you can deduct it as a loss on your next tax return.