Threat Landscape Dashboard

Assessing today's threats and the relationships between them

Operation Armenian Watering Holes

Several high-profile websites were used by the Turla threat group to target the government sector of Armenia with malware disguised as Adobe Flash updates. The compromised sites hosted malicious JavaScript which loaded code from a secondary website. The malware exfiltrated a range of data including system information, screen resolution, and the browser's plugin list to the actor's command and control server. Visitors deemed interesting were served with a fake Adobe Flash update warning which downloaded a legitimate Adobe Flash installer along with the malicious software.
Name Modified Date Sources
Operation Armenian Watering Holes 2020-03-18