We are seeing an Ursnif /Gozi /ISFB campaign hitting the UK since yesterday. I was first alerted by this Twitter post. I started to investigate quickly last night and several much better researchers and analysts have taken over and found much more details. I posted some basic details in THIS Tweet. Then the main analysis appears via THIS. Whichever bad actor is running this campaign is using extremely good social engineering tricks to imitate multiple well known companies to persuade the recipient to follow the links and get infected. Anyway back to this morning and Ursnif /Gozi /ISFB continues to … Continue reading →