EternalBlue Exploit Used in Retefe Banking Trojan Campaign
Banking Trojan Retefe is adopting new WannaCry tricks, adding an EternalBlue module to propagate the malware.
New BT Online bill malspam delivers Dridex banking trojan
An email with the subject of New BT Online bill pretending to come from BT but actually coming from a different domain btbusiness@bt-europe.com that can very easily be mistaken for a genuine BT email address is today’s latest spoof of a well-known company, bank or public authority delivering Dridex banking …
Fake Your Virgin Media bill is ready malspam delivers Dridex banking Trojan
The next in the never-ending series of malware downloaders is an email with the subject of Your Virgin Media bill is ready pretending to come from Virgin Media <webteam@virginmediaconnections.com> which delivers Dridex banking trojan. They use email addresses and subjects that will entice, scare or persuade the recipient to read the email …
Fake OnePosting Invoice Ready to View malspam delivers Dridex banking Trojan
The next in the never-ending series of malware downloaders is an email with the subject of OnePosting Invoice Ready to View pretending to come from SPECTUR LIMITED <members@onenewpost.com>. This eventually delivers Dridex banking Trojan. They use email addresses and subjects that will entice a user to read the email and open the …
Fake “Your latest BT OneBill is available now” malspam leads to Dridex banking trojan
An email with the subject of Your latest BT OneBill is available now pretending to come from BT but actually coming from a different domain ebilling4business@btdnet.com that can just about be mistaken for a genuine BT email address is today’s latest spoof of a well-known company, bank or public authority delivering Dridex banking Trojan …
Fake Xero accounting software invoice delivers Dridex banking Trojan
Continuing with the never-ending series of malware downloaders is an email with the subject of Your Xero Invoice INV-0855485 coming from subscription.notifications@xeronet.org which uses compromised SharePoint aka OneDrive for Business accounts to deliver Dridex banking Trojan. Note: this was forwarded to me by a contact this morning who received it yesterday. …
Locky Ransomware Variant Slips Past Some Defenses
Ransomware called IKARUSdilapidated is managing to slip into unsuspecting organizations as an unknown file.
Spoofed Vodafone Online Bill Manager – Your Phone Bill is ready to view delivers banking Trojan
Another big malspam campaign pretending to be a Vodafone bill. These started earlier this morning with links in the email to a compromised or fraudulently set up SharePoint business site that soon stopped delivering the malware payloads. They then quickly switched to a whole host of other compromised sites to …
Spoofed UK Fuels Collection malspam delivers malware, possibly Trickbot
An email with the subject of UK Fuels Collection pretending to come from invoices@ebillinvoice.com with a malicious Word doc attachment delivers some sort of malware. I am not sure what these are. They might be Jaff ransomware or might be Dridex banking Trojan or Trickbot banking Trojan. The last time I saw …