The publications are suspended, except for particular events, from 1 to 21 August. In the meantime, we are preparing some news for the second half of the year.
Technical analysis by the Malware Hunter JAMESWT
New global QNodeService campaign via fake DHL invoices
QNodeService is hiding inside a fake DHL invoice, as part of a global cybercrime malspam campaign. The message contains a compressed attachment in jar format. This, when opened, works as a Java downloader to download the malware. QNodeService is a trojan capable of stealing credentials, loading other payloads into the computer and performing further operations. It mostly targets Windows systems, but may hit even more in the future.