A hacking group called ComicForm has been conducting targeted phishing campaigns against organizations in Belarus, Kazakhstan, and Russia since April 2025, mainly focusing on the industrial and financial sectors. The attackers use sophisticated malware delivery mechanisms, including obfuscated loaders and credential-harvesting phishing sites, and there are signs of broader international targeting. #ComicForm #Formbook #MechMatrixPro #MonteroDll #LatinAmericanThreats
Key points
- ComicForm is a previously undocumented hacking group that has been targeting Eastern European countries since April 2025.
- The group employs phishing emails with malware-laden attachments disguised as PDFs to deliver malicious DLLs.
- The malware chain involves creating scheduled tasks and disabling detection mechanisms to evade security tools.
- The phishing campaigns also include credential theft through fake login pages that mimic legitimate services and use dynamic scripts.
- Recent activity suggests the group has a broader focus on espionage and information theft, with potential international implications.
Read More: https://thehackernews.com/2025/09/comicform-and-sectorj149-hackers-deploy.html