Cybercrime, new Dridex global campaign via Dropbox
The link in the email downloads an xls file. This downloads the dll, from an internal list of URLs, starting the malware infection.
Cybercrime, Dridex is back with the invoice-themed campaign
Real company fake mail contains an xlsm file. This contacts a link from an internal list and downloads the dll, which starts the malware infection.
Cybercrime, Dridex is back with an invoice-themed campaign
The e-mail contains an xlsm attachment. This, if opened, contacts a random url from an internal list and downloads the dll, which starts the malware infection.
Cybercrime, Dridex attacks again via Quickbooks
By opening the link in the email, you download a doc file that contacts a url from an internal list and download the dll, which starts the malware infection.
Cybercrime, Dridex returns via couriers and invoices
The xlsm attachment, if open, contacts a random link from an internal list and downloads the dll that starts the malware infection.
Cybercrime, Dridex still leverages Intuit Quickbooks in its global campaign
The email on an fake invoice contains an xlsm attachment. This contacts a random link from an internal list and downloads the dll, which starts the malware infection.
Cybercrime, Dridex goes from fake Amazon Gift Card emails
The link in the messages directs the victim to a url (different for each email) and downloads an SCR, a VBS or a doc, which activate the malware infection.
Cybercrime, a hybrid Drixex-Smokeloader malware goes by fake invoices
Global malspam campaign with xlsm attachment. It contacts a link from an internal list and downloads a dll, which contains a trojan and backdoor-loader hybrid.
Cybercrime, Dridex conveyed by false UPS invoices and Cutwail botnet
The email contains a link that downloads a .doc attachment. This contacts a random url from an internal list of 9 and downloads a DLL, which starts malware infection.
Cybercrime, Dridex uses fake UPS invoice as the ultimate bait
Global malspam campaign exploits xlsm attachment, that contacts a random link from an internal list of over 30 and downloads a DLL, which starts the malware infection.