Cybercrime, new AgentTesla campaign via “purchase enquiry”
The email rar attachment contains an exe: the malware itself. The stolen data is then exfiltrated with smtp.
Cybercrime, “Purchase order_2022” conveys the new RemcosRAT campaign
The email contains a rar attachment. Inside there is an exe: the malware itself, which activates the chain of infection.
Cybercrime, fake FedEX shipment carries Remcos
The 7z attachment of the email, dated January 11, 2022, contains an exe: the malware itself. This, if opened, activates the infection chain.
Cybercrime, USPS bait for a delivery theme phishing campaign
Users are required to compile a form with their PIIs and credit cards details to pay a fake contribution. It’s a scam to steal data and money.
Cybercrime, Purple Fox released by Telegram installer for desktop
The malware is downloaded and activated by one of the two files contained within the executable. Goal: to reduce the chance of being detected and stopped.
Cybercrime, ClipBanker and PhoenixMiner conveyed via fake saved photos
The exe file is redline stealer. This, once opened, automatically downloads the other two malware: a banking trojan and a cryptominer.
Cybersecurity, Dridex and Quakbot top tags in 2021 on MalwareBazaar
Last year contributors shared 176'532 malware samples. The top reported files were windows executables pages facing up and DLL files gear. The Italian JAMESWT in the Top Ten contributors list.
Cybercrime, fake BRT shipment brings Ursnif / Gozi to Italy
The email xls attachment contacts a single link and downloads the dll, starting the malware infection chain. But only from Italian IPs and not on the blacklist.
Cybercrime, the “Sha + bookings” email conveys Formbook
The rar attachment contains an executable file: the malware itself. This, if opened, activates the infection chain.
Cybercrime, new RemcosRAT campaign via DHL
The email tar attachment contains the malware itself. If opened, it activates the infection chain.