TEL AVIV (Realist English). The Israeli technology company Check Point Research has revealed a malicious hacker attack by the Baku minisultanate against banking organizations in Armenia. This is stated in a press release published on the official website of Check Point Research.
“Against the backdrop of growing tensions between Azerbaijan and Armenia over the Lachin corridor at the end of 2022, Check Point Research has revealed a malicious campaign against organizations in Armenia. The malicious software distributed as part of this campaign is a new version of the backdoor, a tracking program that we track as OxtaRAT, an AutoIt—based tool for remote access and desktop surveillance,” the company said in a statement.
In his telegram channel, Israeli journalist and human rights activist Alexander Lapshin spoke in detail about this story, which was classified for six months by Israeli cybersecurity specialists and the Israeli internal security service:
“As you understand, I unwittingly became involved in an extremely unpleasant story related to the crimes of Azerbaijan. This time, the special services of [Ilham] Aliyev decided to try themselves in cybercrime, moving a little away from their usual crime of chopping off the heads of prisoners and torture in prison. They have sent an OxtaRAT virus to Armenian banks, allowing them to “get into” the victim’s computer and watch his monitor. In simple terms, they thus gained access to everything that is on your computer. And you know, everything could have worked for them if it weren’t for the natural show-offs and inflated ambitions. But let’s talk about everything in order.
About six months ago, I was approached by the friends from the Armenian “Artsakh Bank” and asked if I had sent them letters by email? Of course not, I replied. Well, the guys from the bank answered and told me that letters allegedly came from me to their bank and a couple of other banks, and these letters are a little suspicious. There was a PDF file titled as Alexander Lapshin. To which I immediately replied that these were most likely viruses and were being sent by incompetents from the cybersecurity department of the Azerbaijan State Security Service. If the Baku hackers had been a little more careful, then for all their dislike of me, they would not have used my name simply because everyone in Armenia knows me.
They could have titled the file any way they like, but not with the name of the person everyone knows and have my contacts to call and check if I sent the emails. After this happened, I contacted the cybersecurity departments of several Armenian banks, and also contacted friends in Israeli and American companies working in the field of cybersecurity.
My message was taken very seriously, and information about the Azerbaijani cyberattack according to my information was also transmitted to the Israeli special services for evaluation. The fact is that such viruses were once used by Iran to attack Israeli government and commercial organizations. Therefore, the Azerbaijanis, without knowing it, found themselves under investigation by the Israeli cybersecurity services.
On the part of Armenia, this issue was supervised by the company Cyberhub.am. Well done guys, and on the part of Israel, their partner was Checkpoint Corporation (you can easily find them on the Internet), which provides cybersecurity in dozens of countries around the world at the highest state level. The Azerbaijanis, not realizing that they and their activities were being monitored, continued to send out viruses. And not only to Armenian banks, but also for espionage in European countries. As a result, all traces led to Baku and the Checkpoint Corporation investigation was officially published yesterday.
Do you know what was the hardest thing for me? To remain silent all these six months, because an investigation was underway and I was urged to wait for an official press release. I can say that according to my information, this was the first case of a joint investigation of Azerbaijani crimes conducted by specialists from Armenia and Israel. I think this is a good start and God grant that their friendship and cooperation will develop further. By the way, this is not the only investigation related to me that is currently being conducted, right now. Just by other people and organizations. But for now, I ask for a little patience, let’s let the Baku residents get into trouble thoroughly already.”
