Cyber Analysis Group - CyberAGroup - OSINT Darkweb Investigations  - Insider Threat - Crypto - Online threat & exposure - SOCMINT - Canadian

‹ Back

The Russian state-sponsored threat group APT28 has adopted a new tactic, leveraging Signal chats to distribute malware strains, BeardShell and SlimAgent, through malicious Word (.doc) documents. In this campaign, Signal serves as the delivery channel for phishing messages that include infected document attachments targeting victims.

The resurgence of malicious code embedded in document files such as Word and PDF is not limited to advanced state actors like APT28; it is increasingly common across the broader cyber threat landscape. In response to this growing risk, CyberAGroup developed GetSafeDocs.com, a platform that automatically scans documents for embedded malware.

Key features of GetSafeDocs.com:

Safe document preview: Users can securely preview documents in lieu of downloading and opening them on their local machine, eliminating the risk of infection.

GetSafeDocs not only automatically scans and securely delivers documents to your recipients, helping prevent the spread of malware and showing your commitment to their security, but it can also be used to scan any documents you have without sending them anywhere.

Always scan suspicious documents before opening them, even if they appear to come from trusted sources.