Technical analysis by the Malware Hunter JAMESWT
Cybercrime: new IcedID campaign via email zip attachments. Each one contains a different xlsm file that contacts a URL from an internal list of six and downloads the DLL that activates the malware infection.
Each zip attachment contains a different xlsm file which, when opened, contacts a URL from an internal list of six and downloads the DLL that triggers the malware infection. IcedID (aka BokBot) is a modular banking trojan used by cybercriminals to steal information and credentials for current accounts, e-commerce sites and providers, as well as financial data.
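A way to triage this kind of attachment on a mail gateway or analyst workstation without opening it in Excel, as an added example that is not part of the original analysis: it lists the macro-bearing parts of every xlsm inside a zip and the plain-text URLs stored in its XML parts. The function names, the size limit and the sample (including the `example.invalid` URLs) are constructed for illustration, and whether this campaign keeps its URL list in XML parts or in compressed VBA is an assumption the page does not settle.

```python
import io
import re
import zipfile

URL_RE = re.compile(rb"https?://[^\s\"'<>)]+", re.I)
MACRO_PARTS = ("xl/vbaproject.bin", "xl/macrosheets/")  # VBA project, Excel 4.0 macro sheets
SCHEMA_HOSTS = {b"schemas.openxmlformats.org", b"schemas.microsoft.com", b"www.w3.org", b"purl.org"}
MAX_PART = 5 * 1024 * 1024  # skip oversized parts instead of inflating them

def inspect_xlsm(blob):
    """Return macro-bearing parts and plain-text URLs found in one xlsm (an OOXML zip)."""
    macro_parts, urls = [], set()
    with zipfile.ZipFile(io.BytesIO(blob)) as doc:
        for info in doc.infolist():
            name = info.filename.lower()
            if name.startswith(MACRO_PARTS):
                macro_parts.append(info.filename)
            # Only XML parts are scanned: VBA source inside vbaProject.bin is
            # compressed, so URLs stored there need a VBA-aware tool.
            if not name.endswith((".xml", ".rels")) or info.file_size > MAX_PART:
                continue
            for url in URL_RE.findall(doc.read(info)):
                if url.split(b"/")[2].lower() not in SCHEMA_HOSTS:  # drop XML namespaces
                    urls.add(url.decode("ascii", "replace"))
    return {"macro_parts": sorted(macro_parts), "urls": sorted(urls)}

def triage_attachment(zip_bytes):
    """Inspect every xlsm inside a zip attachment; nothing is executed or rendered."""
    report = {}
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as outer:
        for name in outer.namelist():
            if name.lower().endswith(".xlsm"):
                try:
                    report[name] = inspect_xlsm(outer.read(name))
                except zipfile.BadZipFile:
                    report[name] = {"error": "not a valid OOXML container"}
    return report

def build_sample():
    """Constructed sample: a zip holding one xlsm with a macro sheet and two URLs."""
    xlsm = io.BytesIO()
    with zipfile.ZipFile(xlsm, "w") as z:
        z.writestr("xl/workbook.xml", '<workbook xmlns="http://schemas.openxmlformats.org/spreadsheetml/2006/main"/>')
        z.writestr("xl/macrosheets/sheet1.xml", "<c><v>http://host1.example.invalid/a.dll</v></c><c><v>http://host2.example.invalid/a.dll</v></c>")
    outer = io.BytesIO()
    with zipfile.ZipFile(outer, "w") as z:
        z.writestr("invoice.xlsm", xlsm.getvalue())
    return outer.getvalue()

if __name__ == "__main__":
    print(triage_attachment(build_sample()))
```

An xlsm that reports macro parts together with several external URLs pointing at DLL paths matches the delivery chain described above and is a candidate for quarantine and URL blocking.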