Cybercrime, Remcos campaign via DBatLoaderThe rar attachment contains an exe: the loader, which contacts a url and downloads the… Cybercrime, Remcos campaign via DBatLoader12 January 2023Francesco BussolettiCyber, Defence and Security The rar attachment contains an exe: the loader, which contacts a url and downloads the final malware.
Cybercrime, RemcosRAT via bank remittance is backThe 2 attached pdfs, taking advantage of an exploit for the CVE-2017-11882 vulnerability, extract an… Cybercrime, RemcosRAT via bank remittance is back14 June 2022Francesco BussolettiDefence and Security, Restricted Area The 2 attached pdfs, taking advantage of an exploit for the CVE-2017-11882 vulnerability, extract an xls that contacts a url and downloads the malware.
Cybercrime: RemcosRAT campaign via fake bank remittanceThe xlsx attachment contains an exe file: the malware itself. Cybercrime: RemcosRAT campaign via fake bank remittance20 May 2022Francesco BussolettiDefence and Security, Restricted Area The xlsx attachment contains an exe file: the malware itself.
Cybercrime, RemcosRAT campaign via fake RFQThe 7z email attachment contains an exe file: the malware itself. Cybercrime, RemcosRAT campaign via fake RFQ29 April 2022Francesco BussolettiDefence and Security, Restricted Area The 7z email attachment contains an exe file: the malware itself.
Cybercrime, “Purchase order_2022” conveys the new RemcosRAT campaignThe email contains a rar attachment. Inside there is an exe: the malware itself, which… Cybercrime, “Purchase order_2022” conveys the new RemcosRAT campaign13 January 2022Francesco BussolettiDefence and Security, Restricted Area The email contains a rar attachment. Inside there is an exe: the malware itself, which activates the chain of infection.
Cybercrime, fake FedEX shipment carries RemcosThe 7z attachment of the email, dated January 11, 2022, contains an exe: the malware… Cybercrime, fake FedEX shipment carries Remcos12 January 2022Francesco BussolettiDefence and Security, Restricted Area The 7z attachment of the email, dated January 11, 2022, contains an exe: the malware itself. This, if opened, activates the infection chain.
Cybercrime, new RemcosRAT campaign via DHLThe email tar attachment contains the malware itself. If opened, it activates the infection chain. Cybercrime, new RemcosRAT campaign via DHL10 December 2021Francesco BussolettiDefence and Security, Restricted Area The email tar attachment contains the malware itself. If opened, it activates the infection chain.
Cybercrime, new Remcos aggressive campaign via DHLThree different emails in one day with the same xls attachment: the malware itself. The… Cybercrime, new Remcos aggressive campaign via DHL20 September 2021Francesco BussolettiDefence and Security, Restricted Area Three different emails in one day with the same xls attachment: the malware itself. The file, if opened, activates the infection chain.
Cybercrime, triple Remcos attack via RFQThree emails have different request numbers, but identical text and tar attachment. Inside is an… Cybercrime, triple Remcos attack via RFQ8 September 2021Francesco BussolettiDefence and Security, Restricted Area Three emails have different request numbers, but identical text and tar attachment. Inside is an exe: the malware itself.
Cybercrime, Remcos campaign is back via shipping documentsThe email tar attachment contains an exe, the malware itself: a RAT with different capabilities. Cybercrime, Remcos campaign is back via shipping documents7 September 2021Francesco BussolettiDefence and Security, Restricted Area The email tar attachment contains an exe, the malware itself: a RAT with different capabilities.