Cybercrime, triple Modiloader campaign via compressed attachments
Three emails carry different files, but which contain the same malware. It's unclear what the next payload is, as the packer doesn't seem to work.
Cybercrime, Second day for the new courier-themed AgentTesla campaign
The text is identical to that of the previous day. Only the attachment, which however contains an exe file - the malware – changes.
Cybercrime, AgentTesla campaign via fake DHL email
Z attachment contains an exe file: the malware. The campaign, however, has another C2 than those of these days that use the courier as bait.
Cybercrime, Vjw0rm goes back to hiding in an email on beauty products
The “$38,570 detailed Invoice Payment” email rar attachment contains a js file: the malware.
Cybercrime, the beauty products-themed malspam campaign now carries Vjw0rm
The new template email .js attachment is directly the malware. Until now, it was spreading AgentTesla via rar file.
Cybercrime, fake FedEX shipment carries Remcos
The 7z attachment of the email, dated January 11, 2022, contains an exe: the malware itself. This, if opened, activates the infection chain.
Cybercrime, Emotet is spread via fake Adobe Windows App Installer
Cryptolaemus cybersecurity experts: The malware distribution process is the same used to distribute BazarLoader.
Cybercrime, a scam within a scam distributes Dridex
The xlsb attachment on how to protect yourself on Black Friday-Cyber Monday contacts random link from an internal list and downloads the dll, starting malware infection.
Cybercrime, Black Friday and Netflix bait for a Dridex campaign
The email xlsb attachment contacts random links from an internal list and downloads the dll, which starts the malware infection.
Cybercrime, fake hotel booking conveys Dridex
The xlsb attachment contacts random links from an internal list and downloads the dll, starting the malware infection. It also tries to connect to the victim's email client.