skip to Main Content

Cybercrime, Lokibot “Re TOP URGENT Shipping Documents” campaign

Malware Hunter JAMESWT Technical Analysis

News Lokibot campaign via “Re TOP URGENT Shipping Documents” email. Doc attachment contacts a url from which it downloads the malware. The campaign is not geofenced and there are no blacklists

The email “Re TOP URGENT Shipping Documents” distributes a new Lokibot campaign.

The doc attachment contacts a url from which it downloads the malware. The campaign is not geofenced and there are no blacklists. The goal of the cybercrime behind the operation is to steal sensitive information from the victim. Lokibot (aka Loki PWS and Loki-bot) is an information-stealer, which acquires credentials, cryptocurrency wallets and other types of data.

Malware C2

Back To Top