{"id":53929,"date":"2023-09-29T13:55:00","date_gmt":"2023-09-29T13:55:00","guid":{"rendered":"https:\/\/www.darkreading.com\/dr-global\/targeted-attacks-on-azerbaijan-businesses-drop-malware-via-fake-image-files"},"modified":"2023-09-29T13:55:00","modified_gmt":"2023-09-29T13:55:00","slug":"attacks-on-azerbaijan-businesses-drop-malware-via-fake-image-files","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/attacks-on-azerbaijan-businesses-drop-malware-via-fake-image-files\/","title":{"rendered":"Attacks on Azerbaijan Businesses Drop Malware via Fake Image Files"},"content":{"rendered":"<div><img decoding=\"async\" src=\"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/bltc9ce579a486fe91f\/6516ab2a9799b66e25a996e2\/spearphishing_computer_Muhammad_Ribkhan_Alamy.jpg\" class=\"ff-og-image-inserted\"><\/div>\n<p>A spear-phishing email posing as a memo from the president of an Azerbaijan company hid malware behind images to infiltrate businesses associated with the firm.<\/p>\n<p><span><\/span>According to <a href=\"https:\/\/www.fortinet.com\/blog\/threat-research\/threat-Actors-exploit-the-tensions-between-azerbaijan-and-armenia\" target=\"_blank\" rel=\"noopener\">research from Fortinet<\/a>, the emails c<span>ited the conflict between Azerbaijan and Armenia and contained<\/span> a zip file. The photos in that file contained both genuine and malicious content.<\/p>\n<p>The victims were management teams of businesses associated with the Azerbaijanian company, according to Fortinet. Fortinet senior security engineer Fred Gutierrez, who declined to name the spoofed firm, says other businesses hit with the campaign included subsidiaries of the company as well as its business partners.<\/p>\n<p>The email claims to contain information about a border clash between soldiers from Azerbaijan and Armenia, and included an <a href=\"https:\/\/attack.mitre.org\/techniques\/T1027\/006\/\" target=\"_blank\" rel=\"noopener\">obfuscated link via HTML smuggling<\/a>, which displays four images, one of which is actually a LNK file that downloads the malware.<\/p>\n<p>&#8220;Opening the email is enough to begin the infection chain,&#8221; <span>Gutierrez says. &#8220;<\/span>It will automatically download a zip file \u2014 that contained the images \u2014 to the user&#8217;s computer. HTML smuggling requires the user to perform an action to actually become fully infected. In this case, the user would have to manually type in the password to open the zip file and then launch the corresponding file inside.&#8221;<\/p>\n<p>The password is included in the text of the email, he adds.<\/p>\n<p><a href=\"https:\/\/www.darkreading.com\/attacks-breaches\/reports-point-to-uptick-in-html-smuggling-attacks\" target=\"_blank\" rel=\"noopener\">HTML smuggling<\/a> occurs when JavaScript automatically downloads a zip file to the victim&#8217;s computer once the email is opened; at that point, the user is notified that the zip file has been downloaded. There&#8217;s no option to decline or accept the download.<\/p>\n<p>Once the user opens the downloaded zip file and enters a password that opens the fake image, the installer is downloaded.<\/p>\n<h2 class=\"regular-text\">What Is Unique About the Malware?<\/h2>\n<p>This malware is programmed in the increasingly popular <a href=\"https:\/\/stackoverflow.blog\/2020\/01\/20\/what-is-rust-and-why-is-it-so-popular\/\" target=\"_blank\" rel=\"noopener\">Rust<\/a> language.<\/p>\n<p>The malware creates a temporary file named &#8220;24rp.xml&#8221; that sets a scheduled task to steal the information outside of regular office hours. Researchers claim the malware can sleep for random amounts of time when performing its tasks. This technique assumes that the intended targets leave their computers on overnight so the malware can execute outside regular office hours, when it is less likely to be noticed.<\/p>\n<h2 class=\"regular-text\">What Does It Steal?<\/h2>\n<p>The malware culls basic computer information and sends it to a command-and-control (C2) server. Gutierrez says the malware only looks for basic information, including the privileges and permissions of the victims, system configuration, applications running, network configuration, and a list of user accounts.<\/p>\n<p>&#8220;The nature of the information suggests this is either a red-teaming exercise or, more likely, the next step in the reconnaissance phase of a targeted attack,&#8221; he says.<\/p>\n<p>To defend against this type of attack, Fortinet recommends learning the signs of phishing, whether it comes in the form of an email or a webpage such as in a <a href=\"https:\/\/www.darkreading.com\/dr-global\/israeli-shipping-logistics-companies-targeted-in-watering-hole-attacks\" target=\"_blank\" rel=\"noopener\">watering hole attack<\/a>. Gutierrez also recommends users avoid opening unknown files, using anti-malware programs and services, as well as reporting any strange files to their IT or network security departments.<\/p>\n<p>For the obfuscated link, the mitigation is not so straightforward. <span>According to<\/span> <a href=\"https:\/\/attack.mitre.org\/techniques\/T1027\/006\/\" target=\"_blank\" rel=\"noopener\">an advice page from MITRE<\/a>, this type of attack technique cannot be easily mitigated with preventive controls because it is based on the abuse of system features.<\/p>\n<p>Read More <a href=\"https:\/\/www.darkreading.com\/dr-global\/targeted-attacks-on-azerbaijan-businesses-drop-malware-via-fake-image-files\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Images purporting to be of the Armenia and Azerbaijan conflict were malware downloaders in disguise.Read More <a href=\"https:\/\/www.darkreading.com\/dr-global\/targeted-attacks-on-azerbaijan-businesses-drop-malware-via-fake-image-files\">HERE<\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[151],"tags":[],"class_list":["post-53929","post","type-post","status-publish","format-standard","hentry","category-darkreading-ti"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Attacks on Azerbaijan Businesses Drop Malware via Fake Image Files 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/attacks-on-azerbaijan-businesses-drop-malware-via-fake-image-files\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Attacks on Azerbaijan Businesses Drop Malware via Fake Image Files 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/attacks-on-azerbaijan-businesses-drop-malware-via-fake-image-files\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2023-09-29T13:55:00+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/bltc9ce579a486fe91f\/6516ab2a9799b66e25a996e2\/spearphishing_computer_Muhammad_Ribkhan_Alamy.jpg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/attacks-on-azerbaijan-businesses-drop-malware-via-fake-image-files\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/attacks-on-azerbaijan-businesses-drop-malware-via-fake-image-files\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Attacks on Azerbaijan Businesses Drop Malware via Fake Image Files\",\"datePublished\":\"2023-09-29T13:55:00+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/attacks-on-azerbaijan-businesses-drop-malware-via-fake-image-files\\\/\"},\"wordCount\":555,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/attacks-on-azerbaijan-businesses-drop-malware-via-fake-image-files\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/eu-images.contentstack.com\\\/v3\\\/assets\\\/blt66983808af36a8ef\\\/bltc9ce579a486fe91f\\\/6516ab2a9799b66e25a996e2\\\/spearphishing_computer_Muhammad_Ribkhan_Alamy.jpg\",\"articleSection\":[\"DarkReading |TI\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/attacks-on-azerbaijan-businesses-drop-malware-via-fake-image-files\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/attacks-on-azerbaijan-businesses-drop-malware-via-fake-image-files\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/attacks-on-azerbaijan-businesses-drop-malware-via-fake-image-files\\\/\",\"name\":\"Attacks on Azerbaijan Businesses Drop Malware via Fake Image Files 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/attacks-on-azerbaijan-businesses-drop-malware-via-fake-image-files\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/attacks-on-azerbaijan-businesses-drop-malware-via-fake-image-files\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/eu-images.contentstack.com\\\/v3\\\/assets\\\/blt66983808af36a8ef\\\/bltc9ce579a486fe91f\\\/6516ab2a9799b66e25a996e2\\\/spearphishing_computer_Muhammad_Ribkhan_Alamy.jpg\",\"datePublished\":\"2023-09-29T13:55:00+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/attacks-on-azerbaijan-businesses-drop-malware-via-fake-image-files\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/attacks-on-azerbaijan-businesses-drop-malware-via-fake-image-files\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/attacks-on-azerbaijan-businesses-drop-malware-via-fake-image-files\\\/#primaryimage\",\"url\":\"https:\\\/\\\/eu-images.contentstack.com\\\/v3\\\/assets\\\/blt66983808af36a8ef\\\/bltc9ce579a486fe91f\\\/6516ab2a9799b66e25a996e2\\\/spearphishing_computer_Muhammad_Ribkhan_Alamy.jpg\",\"contentUrl\":\"https:\\\/\\\/eu-images.contentstack.com\\\/v3\\\/assets\\\/blt66983808af36a8ef\\\/bltc9ce579a486fe91f\\\/6516ab2a9799b66e25a996e2\\\/spearphishing_computer_Muhammad_Ribkhan_Alamy.jpg\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/attacks-on-azerbaijan-businesses-drop-malware-via-fake-image-files\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Attacks on Azerbaijan Businesses Drop Malware via Fake Image Files\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Attacks on Azerbaijan Businesses Drop Malware via Fake Image Files 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/attacks-on-azerbaijan-businesses-drop-malware-via-fake-image-files\/","og_locale":"en_US","og_type":"article","og_title":"Attacks on Azerbaijan Businesses Drop Malware via Fake Image Files 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/attacks-on-azerbaijan-businesses-drop-malware-via-fake-image-files\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2023-09-29T13:55:00+00:00","og_image":[{"url":"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/bltc9ce579a486fe91f\/6516ab2a9799b66e25a996e2\/spearphishing_computer_Muhammad_Ribkhan_Alamy.jpg","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/attacks-on-azerbaijan-businesses-drop-malware-via-fake-image-files\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/attacks-on-azerbaijan-businesses-drop-malware-via-fake-image-files\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Attacks on Azerbaijan Businesses Drop Malware via Fake Image Files","datePublished":"2023-09-29T13:55:00+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/attacks-on-azerbaijan-businesses-drop-malware-via-fake-image-files\/"},"wordCount":555,"commentCount":0,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/attacks-on-azerbaijan-businesses-drop-malware-via-fake-image-files\/#primaryimage"},"thumbnailUrl":"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/bltc9ce579a486fe91f\/6516ab2a9799b66e25a996e2\/spearphishing_computer_Muhammad_Ribkhan_Alamy.jpg","articleSection":["DarkReading |TI"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.threatshub.org\/blog\/attacks-on-azerbaijan-businesses-drop-malware-via-fake-image-files\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/attacks-on-azerbaijan-businesses-drop-malware-via-fake-image-files\/","url":"https:\/\/www.threatshub.org\/blog\/attacks-on-azerbaijan-businesses-drop-malware-via-fake-image-files\/","name":"Attacks on Azerbaijan Businesses Drop Malware via Fake Image Files 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/attacks-on-azerbaijan-businesses-drop-malware-via-fake-image-files\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/attacks-on-azerbaijan-businesses-drop-malware-via-fake-image-files\/#primaryimage"},"thumbnailUrl":"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/bltc9ce579a486fe91f\/6516ab2a9799b66e25a996e2\/spearphishing_computer_Muhammad_Ribkhan_Alamy.jpg","datePublished":"2023-09-29T13:55:00+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/attacks-on-azerbaijan-businesses-drop-malware-via-fake-image-files\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/attacks-on-azerbaijan-businesses-drop-malware-via-fake-image-files\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/attacks-on-azerbaijan-businesses-drop-malware-via-fake-image-files\/#primaryimage","url":"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/bltc9ce579a486fe91f\/6516ab2a9799b66e25a996e2\/spearphishing_computer_Muhammad_Ribkhan_Alamy.jpg","contentUrl":"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/bltc9ce579a486fe91f\/6516ab2a9799b66e25a996e2\/spearphishing_computer_Muhammad_Ribkhan_Alamy.jpg"},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/attacks-on-azerbaijan-businesses-drop-malware-via-fake-image-files\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Attacks on Azerbaijan Businesses Drop Malware via Fake Image Files"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/53929","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=53929"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/53929\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=53929"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=53929"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=53929"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}