"Threat actors usually try to cast a wide net to maximize their profits, but these attackers are focused on just one country," Kaspersky said in a new analysis.
"It's likely that the attackers are testing the waters with Italian users before expanding their operation to other countries," Kaspersky noted.
"It redirects users to a malicious OneDrive URL but only if they are running Edge, Firefox, or Chrome with their language set to Italian," the Russian cybersecurity vendor said.
"If the users don't pass these checks, they stay on the page," elucidating the targeted approach of the malware.
[
Collection
]
[
|
...
]