
Cybercrime: Dridex delivered via fake MSC invoices

Technical analysis by the Malware Hunter JAMESWT

Dridex is being delivered via fake MSC invoices. The xlsm attachment contacts a random link from an internal list and downloads the malware, a Trojan that has featured in many campaigns, especially courier-themed ones.

Fake invoices purporting to come from the “Mediterranean Shipping Company” (MSC) are delivering a new global Dridex campaign. The emails, detected by coacaman, contain an xlsm attachment.

If opened, the attachment contacts a random link from an internal list and downloads the DLL, which starts the malware infection chain.

Dridex is a very dangerous banking Trojan used by cybercriminals. It has long featured in campaigns all over the world, especially courier-themed ones. The targets are mainly, but not only, companies.
