The templates change, but the bait remains the same: a package in storage. The goal is to make the user enter sensitive data on a fake site to steal it and activate a subscription.
Cybercrime, RemcosRat uses industrial engines as bait
The exe attachment of the email from a French spare parts company is the malware
RemcosRat uses a new bait for its new campaign: a French company specializing in spare parts for industrial engines. The “doc2023020199888890001.pdf.exe” attachment of the “Re:YOUR INQUIRY” email is the malware itself.
Remcos is a cybercrime Remote Access Trojan (RAT), mainly associated with courier-themed phishing campaigns. It has a wide range of functions, such as closely monitoring user activities, recording audio and video content, capturing credentials, stealing digital currency, downloading additional payloads, and exfiltrating confidential data while avoiding detection and sandboxes.
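The attachment described above hides an executable behind a document-looking name (".pdf.exe"). The following is an added detection example, not code from the original article: it parses a raw email and flags attachments whose final extension is executable, whose name carries a decoy document extension before it, or whose content starts with the DOS/PE "MZ" magic. The extension lists, function names and the sample message (inert bytes, placeholder addresses) are assumptions constructed for illustration.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage
from pathlib import PurePosixPath

# Assumed extension lists for this example; adjust to local mail policy.
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".js", ".vbs"}
DECOY_EXTS = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".jpg", ".png", ".txt"}

def classify_attachment(filename, payload):
    """Return the reasons an attachment looks like a disguised executable."""
    # Windows ignores trailing dots and spaces, so drop them before parsing.
    name = filename.strip().rstrip(". ")
    suffixes = [s.lower() for s in PurePosixPath(name).suffixes]
    reasons = []
    if suffixes and suffixes[-1] in EXECUTABLE_EXTS:
        reasons.append("executable-extension")
        if len(suffixes) >= 2 and suffixes[-2] in DECOY_EXTS:
            reasons.append("double-extension")
    if payload[:2] == b"MZ":  # DOS/PE magic, whatever the name claims
        reasons.append("pe-header")
    return reasons

def scan_message(raw):
    """Parse a raw RFC 5322 message and list its suspicious attachments."""
    msg = message_from_bytes(raw, policy=policy.default)
    findings = []
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        reasons = classify_attachment(name, part.get_payload(decode=True) or b"")
        if reasons:
            findings.append((name, reasons))
    return findings

def build_sample():
    """Constructed sample: inert bytes, only the names mirror the campaign."""
    msg = EmailMessage()
    msg["Subject"] = "Re:YOUR INQUIRY"
    msg["From"] = "sender@example.invalid"
    msg["To"] = "user@example.invalid"
    msg.set_content("Please see the attached document.")
    msg.add_attachment(b"MZ" + b"\x00" * 62, maintype="application",
                       subtype="octet-stream",
                       filename="doc2023020199888890001.pdf.exe")
    msg.add_attachment(b"%PDF-1.4\n", maintype="application",
                       subtype="pdf", filename="invoice.pdf")
    return msg.as_bytes()

if __name__ == "__main__":
    for name, reasons in scan_message(build_sample()):
        print(name, reasons)
```

The content check matters because a renamed attachment (for example an executable saved as ".jpg") passes any filename-only rule.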