A cyber hacking group known as APT28 has recently launched a new campaign targeting diplomats by spreading malware through a fake car sale announcement. The campaign, which started in March 2024, is designed to lure victims into clicking on malicious links.
This method of using fake ads to distribute harmful code is a common tactic utilized by cyber criminals for several years. By masquerading as a legitimate luxury car sale, hackers aim to trick unsuspecting individuals into downloading malware onto their devices.
According to Unit 42 experts, the recent campaign by APT28 involved the use of public and free services to disseminate malicious files and links. On March 14, 2024, a suspicious link was shared on the legitimate Webhook [.] Site and later identified by Virustotal.
Webhook services were initially created to locate various files on the internet, but over time, they have evolved to represent all types of web resources. This shift has made it easier for hackers to disguise malicious links as legitimate ones, increasing the risk of cyber attacks.