An email asks the victim to open a link to confirm the delivery details. It directs to a fake courier page on which the user only has to enter the password.
WildPressure also targets the macOS platform. Kaspersky cybersecurity experts: Milum malware has been retooled with a PyInstaller bundle containing a trojan dropper for Windows and macOS
The WildPressure gang has added a macOS malware variant to its latest campaign targeting energy sector businesses in the Middle East, while enlisting compromised WordPress websites to carry out attacks. This was reported by Threat Post cybersecurity experts. The group's Milum malware has now been retooled with a PyInstaller bundle containing a trojan dropper compatible with Windows and macOS systems, according to Kaspersky researchers. Compromised endpoints allow the advanced persistent threat (APT) group to download and upload files and execute commands. The cybercrime/cyber espionage group used both virtual private servers (VPS) and compromised servers in its infrastructure, most of which were WordPress websites.