Rare Computer Virus Detected in Ukrainian Network, Confidential Document Potentially Compromised
Cisco Talos, a US cybersecurity firm, said it detected the OfflRouter virus in Ukrainian networks embedded in text documents “with potentially confidential information” during a “threat-hunting exercise.”
The virus remains active in Ukraine and could potentially upload documents belonging to unsuspecting users whose computers are infected, the firm said.
The firm said the virus was embedded in legitimate documents, often originating from government agencies, as “lures” by adding “content that will trigger malicious behavior.” The aim was to entice unsuspecting government users to download and share the infected documents in order to target government and military organizations. While the virus is known to infect other files on the user’s computer, it is unclear from Cisco Talos’ report how a document would be shared publicly once it has been infected.