skip to Main Content

Cybercrime, new Lokibot campaign via SWIFT transfer

New Lokibot campaign also via SWIFT transfer. The doc attachment contacts a url from which it downloads the malware. The campaign is not geofenced and there are no blacklists

“RE: SWIFT DETAILS- TT DETAILS-BANK TRANSFER” is the subject of a new email, which conveys a Lokibot campaign.

The doc attachment contacts a url from which it downloads the malware. The campaign is not geofenced and there are no blacklists. The goal of the cybercrime behind the operation is to steal sensitive information from the victim. Lokibot (aka Loki PWS and Loki-bot) is an information-stealer, which captures credentials, cryptocurrency wallets and other types of data.

Malware C2

Back To Top