
Cybercrime, new Dridex worldwide campaign via FedEx

Cyber security expert JAMESWT discovers a new cybercrime malspam campaign to spread Dridex globally. The lure is a fake invoice from the courier. The XLS attachment downloads a DLL that infects the computer with the malware.

FedEx is the latest lure used by cybercrime to spread Dridex in a worldwide campaign. Cyber security expert JAMESWT discovered new malspam attacks that exploit a fake invoice from the courier with an XLS document attached. If the victim opens it, the file will contact many C2 servers and download a DLL. This will infect the machine with the malware (aka Bugat and Cridex), which specializes in stealing bank credentials to launch fraudulent transactions.

The email with the fake FedEx invoice
