Newsinterpretation

🕵️‍♂️ Silent Cyberattack Hits Russian Aerospace Giant — EAGLET Malware Used to Steal Defense Secrets

A silent and dangerous cyberattack has recently hit one of Russia’s most important industries — its aerospace and defense sector. Using a secret digital spy tool called EAGLET, unknown hackers are believed to have stolen sensitive information from high-level targets inside the country. The campaign, now known as Operation CargoTalon, is causing serious concern due to its advanced tactics and hidden techniques.

The hackers targeted a major Russian aircraft company with a fake cargo document that secretly delivered malware. Once opened, the file allowed attackers to spy on the computer and potentially steal files or take control — all without the user’s knowledge.

Fake Cargo Documents Used to Trick Aerospace Staff

The attack focused on employees of Voronezh Aircraft Production Association (VASO) — a top aircraft builder in Russia. The hackers sent emails pretending to be about cargo shipments. These messages included товарно-транспортная накладная (TTN, consignment note) files, which are official documents used in Russian transport systems. This made the emails look very real and convincing.

Inside these emails was a ZIP file. When opened, it showed a shortcut file (.LNK) that pretended to open an Excel document. But in the background, it launched a PowerShell command that installed the EAGLET malware on the victim’s computer. The Excel file was just a decoy and mentioned a real Russian company called Obltransterminal, which had been sanctioned by the U.S. in early 2024. This clever trick helped to make the attack seem even more believable.
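For defenders, the delivery chain described above (a ZIP attachment holding a shortcut that poses as a document and starts PowerShell) can be checked at the mail gateway before a user ever opens it. The following Python sketch is an added example, not code from the researchers or the original report; the entry name, the double-extension heuristic and the sample archive are constructed assumptions.

```python
import io
import zipfile

# Shell Link (.LNK) files start with HeaderSize 0x4C followed by the LinkCLSID.
LNK_MAGIC = bytes.fromhex("4c0000000114020000000000c000000000000046")
DOC_EXTS = (".xls", ".xlsx", ".doc", ".docx", ".pdf")
SCRIPT_HOSTS = ("powershell", "pwsh", "mshta", "wscript", "cscript", "cmd.exe")

def contains_ci(blob: bytes, needle: str) -> bool:
    """Case-insensitive search for an ASCII or UTF-16LE encoded string."""
    low = blob.lower()  # lowercases ASCII letters only, leaves other bytes alone
    return needle.encode() in low or needle.encode("utf-16-le") in low

def inspect_zip(data: bytes, max_read: int = 1 << 20) -> list:
    """Return one finding per shortcut file inside a ZIP attachment."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            name = info.filename.lower()
            with zf.open(info) as fh:
                body = fh.read(max_read)  # bounded read, guards against zip bombs
            has_magic = body.startswith(LNK_MAGIC)
            if not (has_magic or name.endswith(".lnk")):
                continue
            findings.append({
                "entry": info.filename,
                "lnk_header": has_magic,  # true even if the extension was changed
                "document_lure": name.endswith(".lnk") and name[:-4].endswith(DOC_EXTS),
                "script_host": next((h for h in SCRIPT_HOSTS if contains_ci(body, h)), None),
            })
    return findings

def build_sample() -> bytes:
    """Constructed test archive: a harmless LNK-shaped blob plus a text file."""
    lnk = LNK_MAGIC + b"\x00" * 56 + "PowerShell.exe -Command Write-Output ok".encode("utf-16-le")
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("TTN_constructed.xls.lnk", lnk)
        zf.writestr("readme.txt", "nothing to see")
    return buf.getvalue()

if __name__ == "__main__":
    for finding in inspect_zip(build_sample()):
        print(finding)
```

A finding with both `document_lure` and `script_host` set is a strong reason to quarantine the attachment; a shortcut inside an e-mailed archive is rarely legitimate on its own.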

EAGLET Malware: A Digital Spy Hiding in Plain Sight

Once installed, EAGLET quietly collects details about the infected computer. It then tries to connect to a command-and-control server using the IP address 185.225.17[.]104. From there, it waits for new instructions from the hackers. These commands could tell it to download files, upload stolen data, or give full control of the computer to the attackers.

Although the server is currently offline, security experts explain that the attackers designed EAGLET to act like a hidden doorway for other dangerous tools. It allows hackers to easily install more spyware later without being detected. The malware also resembles another known backdoor called PhantomDL, which has similar spying features and may come from the same group.

Military Sector Also Targeted; Links to Other Hackers Found

Investigators discovered that attackers used EAGLET not only against VASO but also in other operations targeting Russia’s military. These attacks match the patterns of another hacker group called Head Mare, which has a history of spying on Russian government and military networks. The file names and technical style used in Operation CargoTalon are very similar to previous attacks from this group.

In a separate operation, a different hacking team named UAC-0184 (Hive0156) launched a fresh wave of cyberattacks targeting Ukrainian systems. Their weapon of choice is Remcos RAT, a remote access tool that allows attackers to spy on and control infected machines. The group used shortcut and PowerShell files that downloaded Hijack Loader malware, which then launched the Remcos RAT tool.

Some of these fake files included Ukrainian military-themed decoys, suggesting that these hackers are focusing heavily on defense targets and may soon expand their reach.
