Following on from last Thursday and Friday when a ursnif campaign spoofing HMRC started to use blacktds via compromised SharePoint sites we have a fake Companies House campaign today using the same system. Blacktds is a method of severely restricting who gets the malware. They can restrict IP ranges, OS types and even what browser is used. Today’s email with the subject of CC(01) Company Complaint – 5GBV2LXEK5ULLKW pretending to come from Companies House but actually coming from a range of compromised or hacked sites and email addresses. The email domain these are sent from is also the URL … Continue reading →
The post Fake Companies House “CC(01) Company Complaint – 5GBV2LXEK5ULLKW” delivers Ursnif banking trojan via BlackTDS appeared first on My Online Security.