skip to Main Content

Cybercrime, fake invoice from Dubai conveys Formbook

Technical analysis by the Malware Hunter JAMESWT

A fake invoice from Dubai conveys Formbook. The email zip attachment contains an exe file, disguised as a pdf: the malware itself

A fake invoice from Dubai in the United Arab Emirates (UAE) conveys a new Formbook campaign.

The email zip contains an executable file disguised as a pdf: the malware itself.

This, if open, activates the chain of infection. The goal of cybercrime is to steal sensitive data from victims. Formbook, in fact, through the keylogger function, is able to acquire everything the user types. It can also steal email and browser credentials, as well as take screenshots. Finally, it has the ability to remotely issue commands on the infected PC, such as downloading additional payloads or updating those present.

Back To Top