This website requires certain cookies to work and uses other cookies to help you have the best experience. By visiting this website, certain cookies have already been set, which you may delete and block. By closing this message or continuing to use our site, you agree to the use of cookies. Visit our updated privacy and cookie policy to learn more.
This Website Uses Cookies By closing this message or continuing to use our site, you agree to our cookie policy. Learn MoreThis website requires certain cookies to work and uses other cookies to help you have the best experience. By visiting this website, certain cookies have already been set, which you may delete and block. By closing this message or continuing to use our site, you agree to the use of cookies. Visit our updated privacy and cookie policy to learn more.
Home » ESET discovers Operation Spalax: Colombian government and industry sector under targeted attack
In 2020, ESET researchers observed several attacks exclusively targeting Colombian entities, which have collectively been dubbed Operation Spalax. These attacks are ongoing and are focused on both government institutions and private companies, especially in the energy and metallurgical industries. The attackers rely on the use of remote access trojans, most likely to conduct cyber-espionage activities.
Targets are approached with emails that lead to the download of malicious files. In most cases, these emails have a PDF document attached containing a link that the user must click. The downloaded files are regular RAR archives that have an executable file inside. These archives are hosted in legitimate file hosting services such as OneDrive or MediaFire. The phishing emails can be a notification to take a mandatory COVID-19 test, attend a court hearing, or pay traffic fines, or they may concern the freezing of bank accounts.