Cybercrime, new order-themed malware campaign via Guloader
The gz attachment of the email contains an exe file: the loader, which should contact a link and download an unknown final payload.
Cybercrime, AgentTesla passes via a fake HSBC payment notice
The ace attachment contains an exe file: the malware itself. The stolen data is then exfiltrated via smtp.
Cybercrime, Rig Exploit Kit actors swapped Raccoon Steeler for Dridex
Bitdefender cybersecurity experts: The campaign changed malware in February when one of the lead developers was killed in the Russian invasion of Ukraine.
Cybercrime, new AgentTesla DHL-themed campaign via Guloader
The Gz attachment of a fake courier email contains an exe: the loader, which contacts another url and downloads the final malware.
Cybercrime, BRATA is evolving into an APT
Cleafy cybersecurity experts: Threat actors behind the malware now target a specific financial institution at a time, and change their focus only once the victim starts to implement countermeasures.
Cyber Espionage, Aoqin Dragon is under the radar since 2013
Sentinel Labs cybersecurity experts: The the pro-China APT seeks initial access via document lures with porn themes and makes heavy use of USB shortcut techniques to spread malware.
Cybercrime, Panchan is a new botnet and SSH worm targeting Linux servers
Akamai cybersecurity experts: It’s written in golang and and utilizes its built-in concurrency features to maximize spreadability and execute malware modules.
Cybercrime, new double AgentTesla global campaign
The rar and r00 attachments of two different emails contain the same exe file: the malware. Stolen data is exfiltrated via smtp.
Cybercrime, Avemaria hidden in a fake request for quotation (RFQ) email
The img attachment contains an exe, disguised as a pdf document: it’s the malware itself.
Cybercrime, fake payment notice hides Formbook
The email ace attachment contains an exe file: the malware itself.