Regarding this - does anybody know if this is a legit ESET email? @ESETresearch
I'm trying to establish if the ESET download is the cause or a symptom of existing access
cyberplace.social/@ericshmeric…
ericshmeric (@ericshmeric@cyberplace.social)
@GossiTheDog A friend in .il said his network was hit with this wiper last week. MO seems similar to Handala's. He said the trigger was the same email from ESET and payload hosted on their infra too. https://forum.eset.Cyberplace
Questa voce è stata modificata (7 mesi fa)
Kevin Beaumont
in reply to Kevin Beaumont • • •Okay... I've obtained the file and the email.
The emails passed SPF and DKIM for ESET Israeli's email, and are signed as Eset Advanced Threat Defense Team.
The file has been taken offline.
Kevin Beaumont
in reply to Kevin Beaumont • • •Kevin Beaumont
in reply to Kevin Beaumont • • •