[email protected]

Cybercrime, new Lokibot campaign via false invoice

Malware Hunter JAMESWT Technical Analysis

New Lokibot campaign via false invoice. The xlsx attachment of the email contacts a url and downloads the malware. The campaign is not geofenced and there are no blacklists

New invoice-themed Lokibot campaign.

The xlsx attachment of the email contacts a url and downloads the malware.

The campaign is not geofenced and there are no blacklists. The goal of the cybercrime behind the operation is to steal sensitive information from the victim. Lokibot (aka Loki PWS and Loki-bot) is an information — stealer, which acquires credentials, cryptocurrency wallets, and other types of data.

Malware C2

cybercrime cybersecurity information stealer infosec JAMESWT Loki PWS Loki-bot LokiBot malware sicurezza informatica

Francesco Bussoletti