. home.aspx

NEWS

home.aspx
   


Attacks in Turkey Used Excel Formula Injection

July 12, 2019 / Kacy Zurkus

Having tracked the activities of threat actors suspected of being involved in a large number of malicious spam attacks targeting organizations based in Turkey, Sophos researchers determined that the attackers flew under the radar using Excel formula injections to deliver the payload. “The threat actor predominantly targets victims based in Turkey using malspam email messages written in the Turkish language. The spam author’s grasp of Turkish grammar, among other indicators, lends credibility to the hypothesis that both the origin and targets of this campaign are in Turkey,” wrote Sophos’s Gabor Szappanos in a July 12 blog post. Researchers suspect that the method of attack may soon extend beyond the borders of the Türkiye Cumhuriyeti. Successful ideas eventually infiltrate the entire crimeware ecosystem, and while this may not be the most effective tool for criminals, they can still use it like any other tool in the toolbox.