Cybercrime, a “Purchase Order” email from Lebanon carries Blustealer
The compressed attachment contains an exe file: the malware. Stolen data is exfiltrated via Telegram API.
Cybercrime, fake purchase order from Finland bait for BlueStealer
The compressed attachment of the "Purchase Order" email contains an exe: the malware. Stolen data is exfiltrated via Telegram API.
Cybercrime, Formbook hidden in a fake purchase order from Zimbabwe
The gz attachment of the “ORDER 0736449574 ZWL0106245448” email contains an exe file: the malware.
Cybercrime, Formbook passes from the UAE and a purchase order
The gz attachment of the email contains an exe file: the malware.
Cybercrime, SnakeKeylogger hidden in a fake purchase order
The email cab attachment contains an exe file: the malware. The stolen data is then exfiltrated via Telegram API.
Cybercrime, AgentTesla again through real companies in Turkey
The .bz attachment of the email about a purchase order contains the exe: the malware. Stolen data is exfiltrated via Telegram API.
Cybercrime, AgentTesla campaign on purchase orders from Iraq
The xlsx attachment of a fake email contains an exe file: the malware itself. The stolen data is then exfiltrated via SMTP.
Cybercrime, Formbook conveyed by a fake purchase order from Thailand
The email Gz attachment contains an executable, the malware itself. This, if opened, triggers the infection.
Cybercrime, new phishing attack via fake purchase order
Victims, through an HTML attachment, are directed to a false tailored Adobe pdf online website to “view the file”. The goal is to steal credentials.
Cybercrime, Agent Tesla campaign with the “purchase order” lure
New malspam campaign discovered by the cybersecurity expert Mich. The .gz attachment activates the malware infection chain