skip to Main Content

Cybercrime, new Lokibot campaign via catalog request

Technical analysis by the Malware Hunter JAMESWT

New Lokibot campaign via catalog request. The email gz attachment contains an exe: the malware itself. Opening it, the infection is activated

The latest global Lokibot campaign uses a catalog request as a lure.

The email gz attachment contains a followable file, the malware itself. This, if opened, activates the infection. The goal of the cybercrime behind the operation is to steal sensitive information from the victim. Lokibot (aka Loki PWS and Loki-bot) is an information — stealer, which acquires credentials, cryptocurrency wallets, and other types of data.

Malware’s C2

Back To Top