scanned file with pdf attachment malspam drops malicious word macro delivers malware

Following on from this post yesterday where I missed the original payload we have an email that has a multitude of subjects all along the line of scanned file / image / document / image etc pretending to come from totally random senders with a pdf attachment. This PDF does have …

Spoofed RBS FW: Important BACs documents malspam delivers malware

An email with the subject of FW: Important BACs documents pretending to come from RBS BACs <GRGBACspaymentsdelivery@rbsdocuments.co.uk> with a malicious word doc spreadsheet attachment delivers malware. At this stage I don’t know if these are the usual Dridex banking payload or the Kegotip banking malware we saw yesterday. These look like …

Emailing: PIC9744891.JPG malspam delivers Dridex

The next in today’s Dridex downloaders is an email with a subject saying something like “Emailing: PIC9744891.JPG” (random numbers and file extensions. Either Gif, JPG, Tiff, Png or any other image or doc file extension). They all come from random senders. The zip attachment extracts to another zip file …

Spoofed Hedley & Ellis Ltd Customer Statement malspam delivers malware

An email with the subject of  pretending to come from random companies with a zip file that extracts to another zip that eventually extracts to a malicious word doc attachment delivers malware, probably Dridex banking Trojan. Currently Payload Security has a massive backlog so analysis is pending. They are using email addresses …

Where Have All The Exploit Kits Gone?

For a long time, exploit kits were the most prolific malware distribution vehicle available to attackers. Where did they go and what’s replaced them?

Dridex’s Cold War: Enter AtomBombing

IBM X-Force researchers discovered that an upgraded version of Dridex has been using a new injection method, signifying the Trojan’s continued evolution.

The post Dridex’s Cold War: Enter AtomBombing appeared first on Security Intelligence.


Nǐ Hǎo TrickBot? Dyre Successor Spreads to Asia

The cybergang behind the TrickBot Trojan has moved into Singapore, targeting the many multinational corporations that operate in the region.

The post Nǐ Hǎo TrickBot? Dyre Successor Spreads to Asia appeared first on Security Intelligence.
