Cybercrime, double “price” themed AgentTesla campaign
A zip attachment contains a img with an exe: the malware. The other, a pdf downloading a zip with an exe: the same malware. The data is exfiltrated via SMTP.
Cybercrime, “Customer’s acknowledgments Copy” Formbook campaign
The "customer's Scan-Copy.ace" compressed attachment contains the "out.ace" file with an exe inside: the malware.
Cyber Warfare, pro-Russian actors in Ukraine hit by PowerMagic-CommonMagic
Kaspersky cybersecurity experts: Victims navigate to a URL pointing to a ZIP archive with 2 files: a decoy document and a malicious LNK that leads to malware infection.
Cybercrime, Formbook campaign via real email conversation
The doc attachment of the “Re: FW: Proforma Demurrage PC Profert SPA” message contains an exe file: the malware.
Cybercrime: here it comes HinataBot, a new Go-based, DDoS- botnet
Akamai cybersecurity experts: The malware exploits protocols such as HTTP and UDP to send traffic.
Cybercrime, why Emotet stopped and resumed its operations
Cybersecurity experts: The malware core infrastructure was originally located in Ukraine. After the Russian invasion, it has moved “at home” or in Belarus.
Cybercrime, a new Formbook campaign exploits a fake email from China
The "inquiry_pdf.rar" attachment contains the "ayeez.exe" file: the malware.
Cybercrime, STRRAT campaign via fake email from Iran
The “درخواست برای نقل قول RFQ 00772544 DCA_pdf.jar” attachment contains the malware itself.
Cybercrime, even Formbook uses the Chinese box trick
The "AEL-ADANI.ace" attachment of a order-themed email contains the "out.ace" file with the "AEL-ADANI" exe inside: the malware.
Cybercrime, Formbook campaign via rtf from China
The “AWD-20-971-JA04Q7.doc” attachment of the “Рuгсhasе Огdег #AWD-20-971-JA04Q7” email, exploiting a vulnerability, contacts a link and downloads an exe: the malware.