IcedID is fast becoming a leading player in the cybercrime landscape
Spike in malware (aka BokBot) attacks in recent days via real stolen email conversations. Italy is in the crossairs.
Cybercrime, new wave of the IcedID campaign via stolen email and protected attachment
The zip file of the email, arrived in Italy, contacts a single url (different in each message) and downloads the dll that starts the malware infection.
Cybercrime, Dridex campaign via fake Office Depot receipt
The email xls attachment contacts a random url from an internal list and downloads the dll, which starts the malware infection.
Cybercrime, new Dridex campaign via invoices and Cutwail botnet
The email xlsm attachment contacts a random link from an internal list and downloads the DLL, which starts the malware infection chain.
Cybercrime, the IcedID campaign against Italy is evolving
The email zip attachment o is now password protected and conveys a doc (previously it was) an xlsm. In addition, each file contacts different URLs to download the dll that starts the malware infection.
Cybercrime, IcedID is back in Italy with the same last week stolen conversation
The email zip attachment contains an xlsm file. This contacts a single link and downloads the dll, starting malware (aka BokBot) infection.
Cybercrime, IcedID campaign in Italy via real stolen email conversations
The email zip attachment contains an xlsm file. This contacts a single link and downloads the dll, which starts malware (aka BokBot) infection.
Cybercrime, the Revenue Agency lure for the third Ursnif / Gozi campaign in Italy in one day
The email xlsb attachment contacts a url (different in each message) and downloads the dll which starts the malware infection.
Cybercrime, the Dridex campaign via Freightquote is back
The email xlsm attachment contacts a random link from an internal list and downloads the DLL, which starts the malware infection chain.
Cybercrime: Ursnif / Gozi campaign in Italy on stolen emails, but it’s faulty
The email zip attachment, password protected, contains a doc that downloads the dll and starts the malware infection. However, the macro contains errors.