
Russian Criminal Group Finds New Target: Americans Working at Home - furcyd
https://www.nytimes.com/2020/06/25/us/politics/russia-ransomware-coronavirus-work-home.html
======
madma
> The malware, Mr. Chien said, was deployed on common websites and even one
> news site. But it did not infect every computer used to go shopping or read
> about the day’s events. Instead, the code looked for a sign that the
> computer was part of a major corporate or government network. For example,
> many firms have their employees use a “virtual private network,” or V.P.N.,
> a protected channel that allows workers sitting in their basements or attics
> to tunnel into their corporate computer systems as if they were at the
> office.

> “These attacks do not try to get into the V.P.N.,” Mr. Chien said. “They
> just use it to identify who the user works for.” Then the systems wait for
> the worker to go to a public or commercial website, and use that moment to
> infect their computer. Once the machine is reconnected to the corporate
> network, the code is deployed, in hopes of gaining access to corporate
> systems.

...ppl care to speculate on the tools, processes, methods being used?

