New Formbook campaign via RFQ
The zip attachment contains an exe: the malware itself. If opened, it triggers the infection chain. Objective: to steal sensitive data from victims.
A Request for Quotation (RFQ), arriving in a fake email that purports to come from a real company, is the latest bait in the global Formbook campaign.
The zip attachment contains an exe file: the malware itself. If opened, it triggers the infection chain. The attackers' goal is to steal sensitive data from victims. Through its keylogger function, Formbook can capture everything the user types. It can also steal email and browser credentials and take screenshots. Finally, it can execute commands issued remotely on the infected PC, such as downloading additional payloads or updating those already present (see the Joe Sandbox analysis).
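The delivery method described above, a zip attachment carrying an exe, can be checked for at a mail gateway or during triage. The following is an added example, not code from the article or from any vendor: it flags zip members by PE header as well as by extension, and looks inside nested zips. The function names, extension list and limits are assumptions, and the sample attachment is constructed from harmless bytes.

```python
import io
import zipfile

EXEC_EXTS = (".exe", ".scr", ".com", ".pif")   # assumed blocklist
MAX_DEPTH = 3                                  # assumed nesting limit
MAX_MEMBER_BYTES = 50 * 1024 * 1024            # assumed size limit per member


def find_executables(zip_bytes, depth=0, prefix=""):
    """Return [(member_path, reason)] for executable content inside a zip."""
    hits = []
    try:
        zf = zipfile.ZipFile(io.BytesIO(zip_bytes))
    except zipfile.BadZipFile:
        return hits                            # not a zip: nothing to report
    with zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            path = prefix + info.filename
            if info.flag_bits & 0x1:           # encrypted: content is opaque
                hits.append((path, "encrypted member, cannot inspect"))
                continue
            if info.file_size > MAX_MEMBER_BYTES:
                hits.append((path, "oversized member, not inspected"))
                continue
            data = zf.read(info)
            if data[:2] == b"MZ":              # PE/DOS header, whatever the name
                hits.append((path, "PE/MZ header"))
            elif info.filename.lower().endswith(EXEC_EXTS):
                hits.append((path, "executable extension"))
            elif data[:4] == b"PK\x03\x04" and depth < MAX_DEPTH:
                hits.extend(find_executables(data, depth + 1, path + "!"))
    return hits


def build_sample():
    """Constructed attachment for demonstration: placeholder bytes only."""
    inner = io.BytesIO()
    with zipfile.ZipFile(inner, "w") as z:
        z.writestr("quote.dat", b"MZ" + b"\x00" * 62)    # renamed executable
    outer = io.BytesIO()
    with zipfile.ZipFile(outer, "w") as z:
        z.writestr("RFQ.pdf.exe", b"MZ" + b"\x00" * 62)  # double extension
        z.writestr("readme.txt", b"constructed sample")
        z.writestr("docs.zip", inner.getvalue())         # nested archive
    return outer.getvalue()


if __name__ == "__main__":
    for path, reason in find_executables(build_sample()):
        print(f"{path}: {reason}")
```

Checking the header rather than only the file name catches executables renamed to an innocuous extension, and encrypted members are reported because their content cannot be inspected.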