ESET cybersecurity experts: It’s a banking trojan that has already targeted users from Poland, impersonating Bolt Food. Goal: to steal banking-cryptocurrency credentials.
Technical analysis by the Malware Hunter JAMESWT
Black Friday and Netflix are the bait for a Dridex campaign. The XLSB email attachment contacts random links from an internal list and downloads the DLL, which starts the malware infection.
Black Friday is bait not only for phishing, but also for malware campaigns. An email about a fake Netflix offer for the event has been circulating for the past few hours.
The XLSB attachment, if opened, contacts a random URL from an internal list and downloads the DLL, which starts the infection.
Dridex is a very dangerous banking Trojan used by cybercriminals. It has long been at the center of campaigns all over the world, especially courier-themed ones. The targets are mainly, but not only, companies.