malware Detected for filling out forms on the website of the Consulate of Poland in Belarus.

Dimensions antivirus ESET found interesting malicious program that focuses on the forms web page on the website of the Consulate of Poland in Belarus.

On the Embassy's website has a special section on filling in data for the invitation to the meeting or interview at the Consulate. A malicious program in C# performs the process of filling the data in the automatic mode.

the fact that this form must be filled within a certain timeframe (for example, to obtain a visa in January, the form must be filled 20-21 December). However, the number of such meetings is limited, so there is competition. And in order to increase the chance of getting to the interview, the attackers resorted to a special web scripts.



4 days before the opening of the "window" attackers began sending malicious code, focus on the Belarusian computers. Statistics have shown rod hackers caught about 200 000 users. In order to minimize the effect of avtozapolnyaet" the Embassy had to enter a CAPTCHA mechanism and to limit the number of active user connections with the Belarusian and Polish IP.



it is Reported that information about the malicious script was submitted to the centers for rapid response to threats CERT-CERT PL and-BY.

See also: "Bots" steal space in the queue for a Schengen visa on the website of the Embassy of Lithuania.