Cybercrime, new Dridex campaign via invoice
The xlsb attachment contacts a random url from an internal list and downloads the dll, which activates the malware infection chain.
Cybercrime, an email on urgent enquiries conveys last Lokibot campaign
The Gz attachment contains an exe file: the malware itself. This, if open, activates the chain of infection.
Cybercrime, false invoice conveys the latest Dridex campaign
The email xlsm attachment contacts a single url and downloads the dll, which starts the infection of the malware.
Cybercrime, Lokibot is now also conveyed through artwork
The email xlsx attachment contacts a single link from which an exe is downloaded and executed: the malware.
Cybercrime, the Dridex global campaign via Quickbooks evolves
The email xls attachment contacts a random url from an internal list and downloads the malware. The list, however, changes in each file.
Cybercrime, new Lokibot campaign via catalog request
The email gz attachment contains an exe: the malware itself. Opening it, the infection is activated.
Cybercrime, Bizarro targets customers of 70 banks in Europe and South America
Kaspersky cybersecurity experts: The malware attacks Germany, Spain, Portugal, France, Italy, Chile, Argentina and Brazil.
Cybercrime, new Dridex campaign via fake Quickbooks invoice
The email xls attachment contacts a random url from an internal list and downloads the dll, which starts the malware infection.
Cybercrime, the Dridex campaign via Quickbooks is back
The xls attachment of the mail, also arrived in Italy, randomly contacts a link from an internal list and downloads the dll, starting the malware infection.
Cybercrime, Asyncrat campaign via payment request
The email false xlsx points to a fake site with a zip document. This contains a VBS with a powershell which downloads the malware. C2 is the same as RemcosRAT.