Malwarebytes cybersecurity experts: It exploits a fake Java update, social engineering, and a decoy page filled with adult images purporting to be movies.
Akamai cybersecurity experts: The goal is to steal sensitive data. Some sophisticated mechanisms, usually unseen among web skimmers, have been implemented.
Microsoft: These mechanisms, based on PSTN, are the least secure of the MFA methods today. That gap will only widen as adoption increases cybercrime’s interest.
AtlasVPN cybersecurity experts: The lures are coronavirus-linked subjects. The US is the country most hit by trojans, followed by Spain, Estonia, India and South Africa.
Check Point cybersecurity experts: The malware hits large companies, but asks for a "little" ransom. It appears to be developed from scratch. It’s detected by a single VirusTotal engine.
SANS cybersecurity experts: The campaign exploits a chain of obfuscated PowerShell scripts to download the malware. It’s probably the work of a ransomware gang.
Juniper Threat Labs cybersecurity experts: The malware uses GitHub and Pastebin for housing component code and has at least 12 different attack modules available.
The bait is the usual invoice, supposedly contained in the compressed attachment. Inside there is an exe file which, when opened, triggers the malware infection.