2024 Webinar impersonation APT attack detected.

◈ Executive Summary

● Attack impersonating actual field and webinar event scheduled for January 10, 2024 in the field of unification strategy
● Malicious file disguised as an event invitation is manipulated with a Google Form link and downloaded from Dropbox
● Malicious file of shortcut (LNK) type exists inside the downloaded ZIP compressed file
● Attempt to leak information to pCloud using the typical APT37 group’s spear phishing attack style
● Early identification and preemptive response to internal threat signs possible through Genian EDR service

Full Report: https://www.genians.co.kr/blog/threat_intelligence/webinar-apt