Collaborate Disseminate
A quick post about the latest in a long, long, long, very, very long line of fake DHL delivery failure emails delivering all sorts of malware. Today’s version is slightly different to the ones we frequently see in UK. Today it is delivering Nanoc… Continue reading Nanocore RAT via fake DHL failed delivery in Chinese
The next in the overnight malware campaigns is a fake Fedex Express email delivering Nanore RAT via an img ( Iso) file. They use email addresses and subjects that will entice a user to read the email and open the attachment. A very high proportion are … Continue reading Fake Fedex Express Shipment For Pickup in iso delivers nanocore using Sendgrid
Yet another Lokibot campaign. This time coming via a Fake DHL delivery failed email. We frequently see comments saying ” how can anybody fall for this sort of scam”. Well it is extremely easy! It only needs a combination of very plausible c… Continue reading Lokibot via Fake DHL delivery message using ISO attachments
An old favourite lure with this email with the subject of “DHL Shipping of Original invoice B/L dated 26/10/2018” pretending to come from DHL EXPRESS – < noreply@dhl.com > with a malicious word doc attachment delivers Remcos… Continue reading More Fake DHL invoices delivering Remcos RAT via office XML files
Yet another fake or spoofed DHL delivery notification delivering what today turns out to be Remcos RAT . An email with the subject of “READ : (DHL Express) -Delivery Address Confirmation” Pretending to come from dhlSender@dhl.com <nore… Continue reading Fake DHL READ : (DHL Express) -Delivery Address Confirmation delivers Remcos Rat
This malware delivery campaign is a bit of a disaster, but of course, the more unbelievable it is the more victims seem to fall for it. The email looks like a 4 year year old child has cut & pasted bits from different emails or images to get someth… Continue reading Danabot delivered via fake DPD delivery notification
We are starting this Monday Morning with a Lokibot campaign being delivered via malicious word docs, actually RTF files using CVE-2017-11882 Microsoft equation editor exploits. I am seeing various email subjects. I have received 2 of each version so … Continue reading Lokibot campaign 17 September 2018
Yet another fake or spoofed DHL delivery notification delivering what today turns out to be Lokibot . An email with the subject of “Arrival Notice For BL – 08/23/2018 / Vessel – DHL Express” coming from DHL Express Internationa… Continue reading Yet another Fake DHL delivery note delivers Lokibot
Yet another fake or spoofed DHL delivery notification delivering what looks like Agent Tesla keylogger. An email with the subject of “Vessel Schedule ETD:AUG 26 ,ETA:SEP 20” coming from Donald Townsend <comercial@twistermedical.com>… Continue reading Fake DHL delivery notification Agent Tesla Keylogger
Following on from last week with an almost identical DHL malware campaign, today I am seeing yet another email pretending to be a DHL Shipment Notification with the subject of Arrival Notice For BL – 06/08/2018 / Vessel – DHL ATLAN… Continue reading Fake DHL Arrival Notice or Shipment Notice delivers malware via embedded exe files inside MP3 music files