Cybercrime, Alibaba bait of an HTML phishing scam
A fake email points to a page that simulates that of the e-commerce portal. Objective: steal credentials.
Cybercrime, fake Audit report bait for an HTML phishing campaign
The goal is to steal the SharePoint Online credentials via a fake platform landing page. Victims have three attempts to digit the password, all of which will be wrong.
Cybercrime, new Lokibot campaign via SWIFT transfer
The doc attachment contacts a url from which it downloads the malware. The campaign is not geofenced and there are no blacklists.
Cybercrime, the real companies email themed AgentTesla campaign restarts
The img attachment contains an exe file: the malware. The stolen data is exfiltrated through the usual FTP address.
Cybercrime, new wave of the engineering-machinery companies themed AgentTesla campaign
The img attachment contains an exe: malware. Stolen data is exfiltrated via the same FTP address linked to previous waves.
Cybercrime, SWIFT transaction-themed Formbook campaign from Turkey
The email rar attachment contains an exe file: the malware.
Cybercrime, Emotet still in Italy with a document-themed campaign
The email xls attachment contacts a link from an internal list and downloads the dll, using the epoch 4 botnet, starting the malware infection.
Cybercrime, double AgentTesla campaign with a courier / shipper theme
The emails contain a link that downloads an iso with the malware inside or directly a 7z with the malicious exe.
Cybercrime, AgentTesla spread by real emails from UAE engineering companies
AgentTesla spread by real emails from UAE engineering companies. All the messages have the same attachment: an img file with an exe inside, the malware itself. Stolen data is exfiltrated via FTP Someone is exploiting UAE engineering companies to convey…
Cybercrime, The mail “RE: Purchase Inquiry: KPC / PU-231 (MECH) NBI / 20-22” bait for Lokibot
The message rar attachment contains an exe file: the malware itself.