The message's RAR attachment contains an executable file: the malware itself. Stolen data is exfiltrated over SMTP.
FireEye cyber security expert Jens Monrad: The most dangerous cyber threat to the EU is malware for credential theft. In 2018, nearly 50 percent of all detected threats in Europe were within this category.
The most dangerous cyber threat in Europe is malware for credential theft. This was highlighted by the FireEye cyber security expert Jens Monrad. In a company blog post, he explained that from 1 January to 31 December 2018, almost 50% of the cyber threats detected in connection with the Old Continent belonged to the credential theft malware category. According to the expert, this is a global problem, but the organizations most at risk are those in the EU. This is due to a number of reasons, among them the European Union's constant long-term focus on digitization. The initiatives in this area cover a variety of categories, ranging from ensuring high-speed connectivity for EU citizens to the way they interact with their governments, as well as the possibilities for European businesses and citizens to do business online.
Cybercriminals and malicious hackers are changing targets: from financial services, they are switching to EU-centric systems, whether governments, health systems or otherwise. Organizations unwittingly help cyber criminals.
In the past, according to FireEye’s cyber security expert, malware for credential theft was observed primarily targeting customers in the financial services industry. However, the findings in 2018 suggest that the scenario could change. In fact, the targets of cyber attacks could become the credentials for EU-centric systems, from governments to national health services, to salary and other kinds of systems. Moreover, last year we saw cybercriminals selling large volumes of stolen credentials, as well as alleged direct access to company infrastructure. In addition, the most notorious malware families used for these purposes have expanded their targeting over the years to include major online retailers, gambling sites and other sites outside the financial services industry. This is combined with the fact that, for many organizations, access and identity management is still a challenge. As a result, the danger increases.