Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?
Fancy Bear Strikes Again: New Mouse Movement Exploit in PowerPoint Unleashes Graphite Malware
Fancy Bear, aka APT28, is back with a devious twist: deploying Graphite malware via mouse movements in MS PowerPoint files. This Russian state-sponsored group uses a PowerShell script to download and execute a malicious dropper, targeting government and defense sectors. Beware of unexpected presentations—your mouse…
Hot Take:
Fancy Bear is back, proving that even the Russian military intelligence unit can’t resist the PowerPoint addiction. Instead of boring slides, they’ve added a touch of malware to keep things spicy. Who knew mouse movements could be so dangerous? Next time you’re in a meeting, keep an eye on that cursor—it might be up to no good!
Key Points:
- Fancy Bear (APT28) is using mouse movements in PowerPoint to distribute malware.
- The attack involves a PowerShell script and a dropper file from OneDrive.
- The malicious payload is a Graphite malware variant utilizing Microsoft Graph API and OneDrive.
- The campaign uses a lure document linked to the OECD.
- Targets include government and defense sectors in Eastern Europe and Europe.
Already a member? Log in here