On 13 January, a malicious .docx file was uploaded to VirusTotal. The attacker who created the malicious file used several of Mitiga’s publicly available branding elements, including logo, fonts and colors, to lend credibility to the document.
It should be stressed that: (i) Mitiga’s network and cloud environment were not breached; (ii) the malicious document is unrelated to any activity conducted by Mitiga (e.g. red team exercises); and (iii) the file was created by a threat actor, most likely for use as part of phishing or malware-spreading campaigns.
During preliminary research conducted by our team, we discovered the following:
- If you have received a fake Mitiga document, please contact us.
- Mitiga distributes documents to external entities using the PDF file format. In the event the use of a .docx is necessary, Mitiga never asks recipients to enable macros or external content. If you receive an unexpected email attachment purporting to be from Mitiga, please treat it with caution.
We will update this post as new information becomes available.