Human rights organization Amnesty International recently made headlines with a report they released outlining the use of Pegasus malware against activists and journalists. This report, and public trust in the organization, are now being exploited by attackers to distribute Sarwent malware.
The malware is distributed through a fake website that's designed to look like Amnesty International's actual site, and that claims to offer an antivirus tool for protection against Pegasus malware. The actual download is the Sarwent Trojan, which creates a backdoor and can enable remote access — potentially giving the attacker complete control over the victim's machine.
This campaign takes advantage of the recent spotlight on Amnesty International's report and the fear of Pegasus malware. Such tactics are often successful at tricking even savvy users, and may lead to a large number of infected systems.
The URL filtering capabilities in Acronis Cyber Protect block access to malicious websites, while the threat-agnostic detection engines stop Trojans like Sarwent and other cyberthreats from executing, keeping your systems and data safe.