
Cybercrime, new Dridex campaign via couriers and Cutwail

Technical analysis by the Malware Hunter JAMESWT

New global Dridex campaign via couriers and Cutwail. Fake xlsm invoices, distributed by the botnet, contact a random link from an internal list and download the malware.

New global courier-themed Dridex campaign. The bait is an invoice with an xlsm attachment.

The file, if opened, contacts a random link from an internal list and downloads the DLL, which starts the malware infection chain. Moreover, as cybersecurity researcher moto_sato discovered, the malicious documents continue to be distributed by the Cutwail botnet. Dridex is a very dangerous banking Trojan used by cybercriminals, and it has long been the protagonist of campaigns all over the world, especially courier-themed ones. The targets are mainly, but not only, companies.
