Sansec cybersecurity experts: The new parasitic malware, spread by CronRAT, hijacks a host Nginx application to masquerade its presence.
Technical analysis by the Malware Hunter JAMESWT
The global Dridex campaign via Quickbooks evolves. The email xls attachment contacts a random url from an internal list and downloads the malware. The list, however, changes in each file
The waves of the Dridex global campaign via Quickbooks evolve.
The email xls attachment, if opened, contacts a random url from an internal list to download the dll and start the malware infection. Unlike in the past, however, the list changes in each file. Dridex is a very dangerous banking Trojan used by cybercrime, which has long been the protagonist of campaigns all over the world, especially with a courier theme. The targets are mainly companies, but not only.