Technical analysis by the Malware Hunter JAMESWT
RemcosRAT campaign via fake bank remittance. The xlsx attachment contains an exe file: the malware itself
A false bank remittance is the lure of a new RemcosRAT campaign.
The xlsx attachment contains an exe file: the malware itself. If opened, it starts the infection chain. Remcos is a cybercrime Remote Access Trojan (RAT), associated above all with courier-themed phishing campaigns. It has a wide range of features, such as closely monitoring user activity, recording audio and video, stealing credentials and digital currency, downloading additional payloads, and exfiltrating confidential data while evading detection and sandboxes.
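A defender-side check for the delivery trick described above, added here as an example and not taken from the analysis: it flags an attachment named .xlsx that is itself a PE file or that carries a PE image inside its ZIP container. The page does not say how the exe is packaged, so covering both cases is an assumption; the function names and sample bytes are constructed for illustration.

```python
import io
import struct
import zipfile

MAX_MEMBER = 64 * 1024 * 1024  # skip oversized members instead of inflating them

def pe_offsets(data: bytes) -> list:
    """Offsets where a PE image plausibly starts: 'MZ', then e_lfanew -> 'PE\\0\\0'."""
    hits, pos = [], data.find(b"MZ")
    while pos != -1:
        if pos + 0x40 <= len(data):
            (e_lfanew,) = struct.unpack_from("<I", data, pos + 0x3C)
            if data[pos + e_lfanew:pos + e_lfanew + 4] == b"PE\x00\x00":
                hits.append(pos)
        pos = data.find(b"MZ", pos + 1)
    return hits

def inspect_attachment(name: str, data: bytes) -> list:
    """Findings for an attachment whose file name claims to be an .xlsx workbook."""
    if not name.lower().endswith(".xlsx"):
        return []
    if 0 in pe_offsets(data):
        return [f"{name}: file is a PE executable, not an OOXML workbook"]
    if not zipfile.is_zipfile(io.BytesIO(data)):
        return [f"{name}: not a ZIP container, content does not match extension"]
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if info.file_size > MAX_MEMBER:
                findings.append(f"{name}: {info.filename} too large to scan")
                continue
            # Scan the decompressed member so deflated content is also covered.
            for off in pe_offsets(zf.read(info)):
                findings.append(f"{name}: PE image in {info.filename} at offset {off}")
    return findings

def sample_pe_stub() -> bytes:
    # Constructed, non-executable header: 'MZ', e_lfanew = 0x40, then 'PE\0\0'.
    hdr = bytearray(0x40)
    hdr[0:2] = b"MZ"
    struct.pack_into("<I", hdr, 0x3C, 0x40)
    return bytes(hdr) + b"PE\x00\x00" + bytes(20)

def sample_xlsx(embedded: bytes = b"") -> bytes:
    # Constructed workbook-shaped ZIP; the extra member imitates an OLE object blob.
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("xl/workbook.xml", "<workbook/>")
        if embedded:
            zf.writestr("xl/embeddings/oleObject1.bin", b"\xd0\xcf\x11\xe0" + bytes(12) + embedded)
    return buf.getvalue()
```

A legitimate .xlsx is a ZIP of XML parts, so either finding on a mail gateway or in triage is a strong reason to quarantine the message before anyone opens the attachment.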