Seqrite Labs has uncovered an active Russian phishing campaign that delivers Phantom information-stealing malware through malicious ISO files embedded in fake payment confirmation emails.
The sophisticated attack primarily targets finance and accounting professionals in Russia, using social engineering tactics to deceive victims into executing malicious payloads that steal credentials, cryptocurrency wallets, browser data, and sensitive files.
The campaign primarily focuses on finance, accounting, treasury, and payment departments within Russian organizations.
https://gbhackers.com/hackers-target-wi ... m-stealer/