EN
EN DE
EN
EN DE
Contact Us
Sign Up
Topics
Finance & insurance
Trade
Industry
IT & Consulting
Tourism
Transport
Law
Public

Hackers are using Russian domains to launch complex document-based phishing attacks

0
Share:
  • Data exfiltration tactics are shifting toward Russian domains
  • Remote Access Trojans see a 59% rise in phishing emails
  • Malicious emails now bypass secure gateways every 45 seconds

New research has found there is a significant increase in malicious email activity as well as a shift in attack strategies.

On average, at least one malicious email bypasses Secure Email Gateways (SEGs), such as Microsoft and Proofpoint, every 45 seconds, marking a notable rise from the previous year’s rate of one every 57 seconds, the Cofense Intelligence’s third-quarter Trends Report showed.

There is a sharp increase in the use of Remote Access Trojans (RATs) which allows attackers to gain unauthorized access to a victim’s system, often leading to data theft or further exploitation.

Sponsored Links
Knowledge Library » TrainSecTrainSec

Rise in Remote Access Trojan (RAT) usage

Remcos RAT, a widely used tool among cybercriminals is a major culprit in the rise of RAT attacks. It allows remote control of infected systems which enables the attacker to exfiltrate data, deploy additional malware, and gain persistent access to compromised networks.

Open redirects as a technique in phishing campaigns are also gaining prominence as the report reveals a 627% increase in its use. These attacks exploit the functionality of legitimate websites to redirect users to malicious URLs, often masking the threat behind well-known and trusted domains.

TikTok and Google AMP are often used to carry out these attacks, taking advantage of their global reach and frequent use by unsuspecting individuals.

The use of malicious Office documents, especially those in .docx format, rose dramatically by nearly 600%. These documents often contain phishing links or QR codes that direct victims to harmful websites.

Microsoft Office documents remain a popular attack vector because of their widespread use in business environments, making them ideal for targeting organizations through spear-phishing campaigns.

Furthermore, there is a significant shift in data exfiltration tactics, with increased usage of .ru and .su top-level domains (TLDs). Domains using the .ru (Russia) and .su (Soviet Union) extensions saw usage spikes of more than fourfold and twelvefold, respectively, indicating cybercriminals are turning to less common and geographically associated domains to evade detection and make it harder for victims and security teams to track data theft activities.

You may also like

  • Cyber resilience in the age of AI
  • Researchers discover widespread abuse of free popular VPN alternative for malware delivery
  • These are the best VPNs with antivirus

Source

Leave a Comment

Your email address will not be published. Required fields are marked *

loader-image
London, GB
11:27 am, Jun 12, 2025
weather icon 22°C
L: 21° | H: 24°
overcast clouds
Humidity: 62 %
Pressure: 1011 mb
Wind: 6 mph SE
Wind Gust: 12 mph
UV Index: 0
Precipitation: 0 mm
Clouds: 100%
Rain Chance: 0%
Visibility: 10 km
Sunrise: 4:43 am
Sunset: 9:17 pm
DailyHourly
Daily ForecastHourly Forecast
Today 10:00 pm
weather icon
21° | 24°°C 1 mm 100% 12 mph 76 % 1015 mb 0 mm/h
Tomorrow 10:00 pm
weather icon
16° | 28°°C 1 mm 100% 9 mph 93 % 1020 mb 0 mm/h
Sat Jun 14 10:00 pm
weather icon
16° | 23°°C 0.8 mm 80% 13 mph 98 % 1020 mb 0 mm/h
Sun Jun 15 10:00 pm
weather icon
13° | 21°°C 0.2 mm 20% 10 mph 85 % 1025 mb 0 mm/h
Mon Jun 16 10:00 pm
weather icon
13° | 24°°C 0 mm 0% 7 mph 86 % 1028 mb 0 mm/h
Today 1:00 pm
weather icon
22° | 22°°C 0 mm 0% 12 mph 59 % 1011 mb 0 mm/h
Today 4:00 pm
weather icon
24° | 25°°C 1 mm 100% 11 mph 57 % 1012 mb 0 mm/h
Today 7:00 pm
weather icon
25° | 25°°C 0.75 mm 75% 10 mph 66 % 1013 mb 0 mm/h
Today 10:00 pm
weather icon
20° | 20°°C 0 mm 0% 4 mph 76 % 1015 mb 0 mm/h
Tomorrow 1:00 am
weather icon
18° | 18°°C 0 mm 0% 3 mph 82 % 1016 mb 0 mm/h
Tomorrow 4:00 am
weather icon
16° | 16°°C 0 mm 0% 3 mph 84 % 1017 mb 0 mm/h
Tomorrow 7:00 am
weather icon
18° | 18°°C 0 mm 0% 6 mph 78 % 1019 mb 0 mm/h
Tomorrow 10:00 am
weather icon
22° | 22°°C 0 mm 0% 7 mph 58 % 1020 mb 0 mm/h
Weather from OpenWeatherMap
Name Price24H (%)
Bitcoin(BTC)
€93,347.40
-1.72%
Ethereum(ETH)
€2,387.64
-0.70%
Tether(USDT)
€0.87
0.01%
XRP(XRP)
€1.95
-3.41%
Solana(SOL)
€138.19
-3.51%
USDC(USDC)
€0.87
0.01%
Dogecoin(DOGE)
€0.163853
-5.75%
Shiba Inu(SHIB)
€0.000011
-3.74%
Pepe(PEPE)
€0.000010
-2.83%
Peanut the Squirrel(PNUT)
€0.238785
-5.02%
Risikomonitor
Know and monitor IT vulnerabilities with just one click before it is too late.

Utility link

Useful link

Newsletter

Follow Us

Facebook Twitter Youtube Linkedin

© 2025 risikomonitor.com gmbh

Scroll to Top