Decoy: a fake order from a Taiwanese company. The XLS attachment, if opened, contacts a link and redirects the victim to a malicious site, which downloads the malware.
KELA experts: the AES-256 algorithm inhibits the ability of malware to extract passwords from the browser. This is also confirmed by the contraction of data on Genesis, the cybercrime shop.
Cisco Talos cyber security experts found three campaigns that leverage the OpenDocument Text format. But there could be more in the future. Today's targets are English- and Arabic-speaking users.
Palo Alto cyber security experts: The group now has over 400 individual actors and targets all industries with BEC schemes, leveraging malware, in particular information stealers and RATs.
Bromium cyber security experts: More than a dozen US-based web servers were used to host malware families: 5 banking trojans, 2 ransomware and 3 information stealers.