Baku Retsu / KrulUA / Getty Images
Researchers from Cybereason Nocturnus Team have detected anomalous characteristics in a newly discovered RoyalRoad weaponizer that delivers a previously undocumented backdoor. The researchers have been tracking recent developments in the RoyalRoad when they uncovered an attack targeting a Russian-based defense contractor.
Spear-phishing attack targets Russian defense contractor
In this instance, the target of the spear-phishing attack was a general director working at the Rubin Design Bureau, a Russia-based defense contractor that designs nuclear submarines for the Russian Federation’s Navy.
The email used to deliver the initial infection vector was addressed to the “respectful general director Igor Vladimirovich” at the Rubin Design Bureau, a submarine design center from the “Gidropribor” concern in St. Petersburg, a national research center that designs underwater weapons.