A Tale of PivNoxy and Chinoxy Puppeteer | FortiGuard Labs

Recently, a simple and short email with a suspicious RTF attachment that had been sent to a telecommunications agency in South Asia caught the attention of FortiGuard Labs. The email was disguised as having come from a Pakistan government division and delivered the PivNoxy malware.

Affected Platforms: Windows
Impacted Parties: Windows users
Impact: Controls victim’s machine and collects sensitive information
Severity Level: Medium

This blog describes how the attack works, suggests who the threat actor behind the operation might be, and details the techniques used by the attacker.

A Tale of PivNoxy and Chinoxy Puppeteer | FortiGuard Labs (fortinet.com)