A somewhat involved and slightly complicated and devious chain in this Formbook campaign. What is slightly concerning are some of the sites involved, especially the live download site http://globalbank.us/ which looks like it has been been purchased by criminals several months ago intending to be used in some sort of banking fraud. It was registered in June 2018 and is parked by the registrar & hosting company Namecheap. The registrant behind this domain name has registered at least 10 other obvious fraud domains that we can easily find https://domainbigdata.com/gmail.com/mj/MMWhkxyk-VrMXoRNQX7zDw I am sure that somebody who is a lot better than me … Continue reading →