On one hand, the Anons hack the websites of banks, institutions and the regime media; on the other, they provide valuable aid to the demonstrators and Tehran is unable to stop them.
Technical analysis by the Malware Hunter JAMESWT
Cybercrime returns the invoice-themed Dridex campaign. The xlsm attachment, distributed by the Cutwail botnet, contacts a random link from an internal list and downloads the malware
New global Dridex invoice-themed campaign. The lure is always C.H. Robinson. The email contains an xlsm attachment.
This, if opened, contacts a random link from an internal list and downloads the DLL, which starts the malware infection chain.
Moreover, malicious Excel documents continue to be distributed by the Cutwail botnet, as the cybersecurity researcher moto_sato discovered in relation to identical campaigns spread in recent weeks. Dridex is a very dangerous banking Trojan used by cybercrime, which has long been the protagonist of campaigns all over the world, especially with a courier theme. The targets are mainly companies, but not only.