
Cybercrime: IcedID is back in Italy with the same stolen conversation as last week

Technical analysis by the Malware Hunter JAMESWT

IcedID is back in Italy with the same stolen conversation as last week. The email's zip attachment contains an xlsm file, which contacts a single link and downloads the DLL that starts the malware (aka BokBot) infection.

The Italian IcedID campaign, which uses real stolen email conversations, is back. Moreover, the message is the same one the cybercriminals sent last week.

The email's compressed attachment, in zip format, contains an xlsm file. If opened, this file contacts a single link to download the DLL that starts the malware infection.

IcedID (aka BokBot) is a modular banking trojan used to steal financial data, along with information and credentials for current accounts, e-commerce sites and providers.
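
A defender-side triage of the delivery chain described above, as an added example that is not part of the original article: it opens a zip attachment in memory and reports any workbook inside that carries macro parts. The function names, size cap and sample data are assumptions constructed for illustration; the article does not say which macro type this campaign used, so both VBA projects and Excel 4.0 macro sheets are checked.

```python
import io
import zipfile

VBA_PART = "xl/vbaproject.bin"      # VBA project storage (compared lowercased)
XLM_PREFIX = "xl/macrosheets/"      # Excel 4.0 (XLM) macro sheets
MAX_MEMBER_BYTES = 20 * 1024 * 1024  # assumed cap to avoid unpacking zip bombs


def triage_attachment(zip_bytes):
    """Return one finding per workbook in the attachment (hypothetical helper)."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as outer:
        for info in outer.infolist():
            if info.is_dir() or info.file_size > MAX_MEMBER_BYTES:
                continue
            name = info.filename
            if info.flag_bits & 0x1:  # password-protected member: cannot inspect
                findings.append({"name": name, "inspected": False})
                continue
            buf = io.BytesIO(outer.read(info))
            if not zipfile.is_zipfile(buf):  # OOXML workbooks are zip containers
                continue
            with zipfile.ZipFile(buf) as doc:
                parts = [p.lower() for p in doc.namelist()]
            has_vba = VBA_PART in parts
            has_xlm = any(p.startswith(XLM_PREFIX) for p in parts)
            if has_vba or has_xlm or name.lower().endswith(".xlsm"):
                findings.append({"name": name, "inspected": True,
                                 "has_vba": has_vba, "has_xlm": has_xlm})
    return findings


def build_sample():
    """Constructed input: a zip holding a placeholder .xlsm and a text file."""
    workbook = io.BytesIO()
    with zipfile.ZipFile(workbook, "w") as z:
        z.writestr("[Content_Types].xml", "<Types/>")
        z.writestr("xl/workbook.xml", "<workbook/>")
        z.writestr("xl/vbaProject.bin", b"placeholder, not a real VBA project")
    outer = io.BytesIO()
    with zipfile.ZipFile(outer, "w") as z:
        z.writestr("document.xlsm", workbook.getvalue())
        z.writestr("readme.txt", "constructed sample")
    return outer.getvalue()


if __name__ == "__main__":
    for finding in triage_attachment(build_sample()):
        print(finding)
```

A mail gateway or sandbox pre-filter could run this on each zip attachment and quarantine messages where a finding has `has_vba` or `has_xlm` set, or where a member could not be inspected.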
