The hacker group «Lazy Koala» is attacking government and financial organisations in CIS countries. The new cyber group was discovered by the Russian company «Positive Technologies», which specialises in developing information security solutions.
According to the online publication «TASS», a series of attacks targeted government and financial companies, as well as medical and educational institutions in Russia, Belarus, Kazakhstan, Uzbekistan, Kyrgyzstan, Tajikistan and Armenia.
«Positive Technologies» reported that approximately 867 user accounts of employees from various companies have already been compromised.
Experts note that the stolen data is likely being used by criminals in further attacks on companies' internal systems. The information may also be sold on the dark web market for cybercrime services.
«Lazy Koala does not use sophisticated tools, tactics or techniques, yet it still achieves success. Its main weapon is a primitive stealer written in Python (malware for stealing passwords), which we believe is distributed using good old-fashioned phishing. The fraudsters convince the victim to open an attachment and run the required file in their browser», said Denis Kuvshinov, head of the cyber threat research department at «Positive Technologies» Security Expert Centre.
The company advised internet users not to open suspicious emails, not to click on unknown links, not to download software from untrusted sites and torrent platforms, and to use licensed versions from trusted sources.
As a reminder, Kazakhstani citizens were earlier informed about a leak of their personal data in the «EgovMobile» application. Notifications were also sent to those who had never taken out loans from microfinance organisations.
Shortly before that, a massive leak of internal data occurred at the Ministry of Public Security of the People's Republic of China. Files containing confidential conversations and operational data were posted on the GitHub hosting platform in open access. Among the published files, the private data of subscribers of Kazakhstani telecom operators Beeline, Altel, Tele2, Kcell and Kazakhtelecom was also found.
It was also reported that UAPF information from 2019 and data on passengers of the airline «Air Astana» were found among the leaked files.
Foundation-Bureau for the Investigation of Corruption