The cybersecurity researcher Will Bushido discovered a cyber espionage campaign aimed at stealing credentials from at least 15 companies worldwide.
Technical analysis by the Malware Hunter JAMESWT
The Dridex malspam campaign that uses couriers as a lure is back. The fake DHL email contains an .xlsm attachment which, when opened, contacts a random link from a list within it. This downloads a DLL that infects the PC with malware.
Dridex is hiding behind a fake DHL invoice, which cybercriminals are distributing in a global malspam campaign. The email contains an .xlsm attachment which, if opened, contacts a malicious link chosen randomly from a list within it. This downloads a DLL that infects the computer with malware. Dridex is a very dangerous banking Trojan that has long been the protagonist of cybercrime campaigns all over the world. The targets are mainly companies, but not only. The texts in both cases are written in correct English, although there are no logos or visual references related to the shippers used as a decoy.
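For triage of a suspect .xlsm attachment like the one described above, the following added example (not part of the original analysis) opens the workbook as the ZIP container it is, lists macro-bearing parts and pulls out any plain-text URLs without ever launching Excel. The function names, the size limit, the "two or more hosts" heuristic and the sample workbook are assumptions made for illustration; a list that is obfuscated inside the macro will not be found by this string search.

```python
import io
import re
import zipfile
from urllib.parse import urlsplit

# OOXML parts that let a workbook run code: VBA project or Excel 4.0 macro sheets.
MACRO_PARTS = ("xl/vbaProject.bin", "xl/macrosheets/")
# Namespace URIs present in every OOXML file; not download locations.
BENIGN_PREFIXES = ("http://schemas.openxmlformats.org/", "http://schemas.microsoft.com/",
                   "http://purl.org/", "http://www.w3.org/")
URL_RE = re.compile(rb"https?://[A-Za-z0-9._~:/?#@!$&*+,;=%-]{4,200}")
MAX_PART = 20 * 1024 * 1024  # skip parts that inflate beyond 20 MiB


def triage_xlsm(data: bytes) -> dict:
    """Report macro-bearing parts and plain-text URLs in an OOXML workbook."""
    report = {"macro_parts": [], "urls": {}}
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if info.filename.startswith(MACRO_PARTS):
                report["macro_parts"].append(info.filename)
            if info.file_size > MAX_PART:
                continue
            for raw in URL_RE.findall(zf.read(info)):
                url = raw.decode("ascii")
                if not url.startswith(BENIGN_PREFIXES):
                    report["urls"].setdefault(url, info.filename)  # url -> first part seen
    hosts = {urlsplit(u).hostname for u in report["urls"]}
    # Assumed heuristic: executable content plus a list of several download hosts.
    report["suspicious"] = bool(report["macro_parts"]) and len(hosts) >= 2
    return report


def build_sample() -> bytes:
    """Constructed, inert workbook-shaped ZIP (no real macro, reserved .invalid hosts)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("[Content_Types].xml",
                    '<Types xmlns="http://schemas.openxmlformats.org/package/2006/content-types"/>')
        zf.writestr("xl/vbaProject.bin", b"\x00placeholder, not a VBA project\x00")
        zf.writestr("xl/sharedStrings.xml",
                    "<sst><si><t>https://a.example.invalid/x.dll</t></si>"
                    "<si><t>https://b.example.invalid/y.dll</t></si></sst>")
    return buf.getvalue()


if __name__ == "__main__":
    print(triage_xlsm(build_sample()))
```

URLs recovered this way can be checked against proxy and DNS logs to see whether any host on the network already requested them.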