Decryption Utility Unlocks Files Encrypted by Jaff Ransomware

Researchers have neutralized the latest strain of the Jaff ransomware, releasing a decryption tool for unlocking files. Continue reading Decryption Utility Unlocks Files Encrypted by Jaff Ransomware

Malspam with pdf attachments dropping macro excel xls files deliver malware

Continuing with the latest series of emails with pdf attachments that drops a malicious macro enabled Excel XLS file is an email with the subject of Emailing: 288639672 ( random numbers) pretending to come from random names and email address that delivers some sort of malware. Over the last couple of weeks Continue reading → Continue reading Malspam with pdf attachments dropping macro excel xls files deliver malware

more invoice malspam delivers malware using wsf files

Continuing with the never ending series of malware downloaders is an email with the subject of Invoice PIS0120650  ( random numbers)  coming or pretending to come from NoReplyMailbox @ random companies, names and email addresses with a  zip attachment which matches the subject , that contains another zip file, containing a WSF file  which eventually Continue reading → Continue reading more invoice malspam delivers malware using wsf files

blank email with no subject tries to deliver malware but fails

The malware gang trying to deliver what should be either Dridex, Jaff or  Trickbot have made an almighty mistake this morning The email is typical with  no subject & a blank empty body with a zip attachment. So far nothing unusual in that. BUT what the apprentice looking after the shop Continue reading → Continue reading blank email with no subject tries to deliver malware but fails

more fake invoice pdf that drop a word macro delivering banking malware

Continuing with the latest series of emails with pdf attachments that drops a malicious macro enabled word doc is an email with the subject of 32_Invoice_2220 ( random numbers at start and end of invoice) pretending to come from random names  and email addresses that delivers what looks like either Continue reading → Continue reading more fake invoice pdf that drop a word macro delivering banking malware

Spoofed John Miller invoice pretending to come from somebody named Holmes delivers Dridex banking Trojan

Continuing with the latest series of emails with  random numbered pdf attachments that drops a malicious macro enabled word doc is an email with the subject of Invoice  pretending to come from a random first name Holmes at random email addresses  but the body of the email imitates John Miller Continue reading → Continue reading Spoofed John Miller invoice pretending to come from somebody named Holmes delivers Dridex banking Trojan

More Dridex banking Trojan delivered via pdf Message from KM_C224e pretending to come from copier at your own email address

Continuing with the latest series of emails with pdf attachments that drops a malicious macro enabled word doc is a blank / empty  email with the subject of Message from KM_C224e pretending to come from copier at your email address that delivers Dridex banking Trojan They are using email addresses Continue reading → Continue reading More Dridex banking Trojan delivered via pdf Message from KM_C224e pretending to come from copier at your own email address

fake invoice drops word docm with macros delivers Dridex banking Trojan

Continuing with the latest series of emails with pdf attachments that drops a malicious macro enabled word doc is an email with the subject of Invoice INV-0790 ( random numbers) pretending to come from random names  and  email address that delivers Dridex banking Trojan They are using email addresses and Continue reading → Continue reading fake invoice drops word docm with macros delivers Dridex banking Trojan