Technical analysis by the Malware Hunter JAMESWT
New courier-themed Dridex campaign. The xlsm attachment, distributed by the Cutwail botnet, contacts a random link from an internal list and downloads the malware
Dridex is again being distributed in a global courier-themed campaign that relies on the Cutwail botnet. The bait is a fake invoice attached to the email in xlsm format.
If opened, the attachment contacts a random link from an internal list and downloads the DLL, which starts the malware infection chain.
Moreover, malicious documents continue to be distributed by Cutwail, as cybersecurity researcher moto_sato discovered in connection with an identical campaign released last week. Dridex is a very dangerous banking Trojan used by cybercriminals, and it has long been the protagonist of campaigns all over the world, especially courier-themed ones. The targets are mainly companies, but not only.
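For defenders triaging an xlsm attachment like the one described above, the following added example (not from the original analysis) treats the file as the ZIP package it is, flags macro-bearing parts and pulls out any URLs stored in clear text. The function names and the sample workbook are constructed for illustration, and it assumes the link list is readable in the package parts; an obfuscated or VBA-compressed list will not be found this way.

```python
import io
import re
import zipfile

# Package parts that mean the workbook can run code when opened.
MACRO_PARTS = ("xl/vbaproject.bin", "xl/macrosheets/", "xl/dialogsheets/")
URL_RE = re.compile(rb"https?://[^\s<>'\x22]+", re.I)
# Schema/namespace hosts present in every OOXML file; not indicators.
BENIGN_HOSTS = (b"schemas.openxmlformats.org", b"schemas.microsoft.com",
                b"purl.org", b"www.w3.org")


def triage_xlsm(data: bytes) -> dict:
    """Return macro-bearing parts and cleartext URLs found in an xlsm."""
    macro_parts, urls = [], set()
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if info.filename.lower().startswith(MACRO_PARTS):
                macro_parts.append(info.filename)
            if info.file_size > 20 * 1024 * 1024:  # skip oversized parts
                continue
            for match in URL_RE.finditer(zf.read(info)):
                url = match.group(0)
                host = url.split(b"/")[2].lower()
                if host not in BENIGN_HOSTS:
                    urls.add(url.decode("ascii", "replace"))
    # Heuristic: code-capable workbook that also carries a list of links.
    suspicious = bool(macro_parts) and len(urls) > 1
    return {"macro_parts": macro_parts, "urls": sorted(urls),
            "suspicious": suspicious}


def build_sample() -> bytes:
    """Constructed sample: placeholder parts, reserved .example hosts."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("[Content_Types].xml",
                    '<Types xmlns="http://schemas.openxmlformats.org/'
                    'package/2006/content-types"/>')
        zf.writestr("xl/vbaProject.bin", b"\x00placeholder, no macro\x00")
        zf.writestr("xl/sharedStrings.xml",
                    "<sst><si><t>https://a.example/x.dll</t></si>"
                    "<si><t>https://b.example/y.dll</t></si></sst>")
    return buf.getvalue()


if __name__ == "__main__":
    print(triage_xlsm(build_sample()))
```

Any URLs it reports are candidates for proxy and DNS log searches, not confirmed indicators.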