Atref effect?

MindU has announced a possible hack into its mail server

Are we experiencing a late effect of the attack on the Atref site?

MindUs, an information systems company, has announced a hack into its mail server and malicious emails sent on its behalf

Yinon Ben Shoshan

23/11/2021

Tuesday, 23 November 2021, 14:37 Updated: 15:01

• Share on Facebook

• Share on WhatsApp

• Share on Twitter

• Share on Email

• Share on general

• Comments

  Comments

Cyber ​​(Photo: ShutterStock)

We have not yet recovered from the trauma of a hack into the servers of a cyber company refused by an Iranian hacker group, and here another company announces on its own initiative the possibility of hacking into its mail servers, called MindU.

MindU was established in 2001, and according to data on the Crunchbase website, is engaged in the field of information systems.

The company issued an initiated email to its customers today (Tuesday), in which it warns against emails impersonating emails on its behalf, which ironically announce a "cyber incident" or offer a seminar on the subject, and contain malicious content.

MindU currently recommends that their customers block the domains mindu.co.il and onehub.com, and search for the topics "international seminar" or "very important" in the email, and delete the suspicious messages.

Mindu people sign their email with a message that they will announce further developments.

Good to know (promoted)

November Sale: Your chance to beat the pain - on sale

Served on behalf of Bee Cure Laser

Atref effect? ​​(Photo: screenshot, screenshot)

Tom Malka, SOC director at Security Joes, explains that this is not an attack similar to the one we saw on Atref.

Yes, you can see, says Malka, that the emails are sent from MindU LTD's account and it also appears in the recipient's name to inspire credibility, and the email refers to a legitimate file download site - the "seminar" download.

Inside the compressed file that the victim will download from the file-sharing site, Malka says is embedded a remote control software called ConnectWise.

Activating it, Malka explains, will allow attackers to take over the computer and do whatever they please - from publishing information without permission to turning the infected computer into a tool for spreading damage to other computers.

Malka's recommendation is not to open the excellent email, and of course not to download the file.

If you have nevertheless downloaded and run the file, it is advisable to seek the advice of a professional or security company to assess the situation.

• technology

• news

Tags

• Cyber