
Cybercrime: new Dridex campaign via invoices and the Cutwail botnet

Technical analysis by the Malware Hunter JAMESWT

New Dridex campaign via invoices and the Cutwail botnet. The xlsm email attachment contacts a random link from an internal list and downloads the DLL, which starts the malware infection chain.

A new global invoice-themed Dridex campaign uses the Cutwail botnet to spread.

The xlsm attachment of a fake email purporting to come from the courier MSC, if opened, contacts a random link from an internal list and downloads the DLL, which starts the malware infection chain. Moreover, malicious Excel documents continue to be distributed by the Cutwail botnet, as cybersecurity researcher moto_sato discovered. Dridex is a very dangerous banking Trojan used by cybercriminals, and it has long featured in campaigns all over the world, especially courier-themed ones. The targets are mainly, but not only, companies.
