Cybercrime, false Freightquote invoice conveys Dridex
The email xlsm attachment, if opened, contacts a random link from an internal list and downloads the dll, which starts the malware infection.
Cybercrime, The stolen object from a real email conversation conveys Lokibot
The email zip attachment contains an exe, the malware itself. If opened, the infection starts. Objective: to steal information from victims.
Cybercrime, the change of telephone operator bait for Ursnif / Gozi in Italy
The doc attachment of a fake Vodafone email, different for each message, contacts a single link and downloads the dll which starts malware infection.
Cybercrime, PKV Trading ApS company certificates exploited by Quakbot
New signed campaign to trick victims’ antivirus, allowing them to download and install the malware via attachment.
Cybercrime, Dridex conveyed by false MSC invoices
The xlsm attachment contacts a random link from an internal list and downloads the malware, a Trojan protagonist of campaigns especially with a courier theme.
Cybercrime, Quakbot exploits ADV TOURS d.o.o.” company certificates
New signed campaign to allow victims to download and install the malware via the attachment, tricking the antivirus.
Cybercrime, Quakbot attacks via PROTIP d.o.o. – v stečaju certificates
New signed campaign to allow victims to download and install the malware via attachment, tricking the antivirus.
Cybercrime, the invoice-themed Dridex campaign is back
The xlsm attachment, distributed by the Cutwail botnet, contacts a random link from internal list and downloads the malware.
Cybercrime, Tecno trade d.o.o company certificates exploited by Quakbot
New signed campaign to trick victims’ antivirus, allowing them to download and install the malware via attachment.
Cybercrime, C.H. Robinson decoy of the courier-themed Dridex campaign
The xlsm attachment, distributed by the Cutwail botnet, contacts a random link from an internal list and downloads the malware.