Collaborate Disseminate
Today’s Locky/ Zepto ransomware malspam emails have come steadily in waves all day long. There have been 2 distinct different subjects and themes. one pretending to be a voice message from your own email domain or company, with the second pretending … Continue reading →
Today’s first example of malspam word docs with macros delivering Locky ransomware is an email with the subject of Today’s fax pretending to come from random names at your own email domain . They are using email addresses and subjects that will scare … Continue reading →
Continue reading Today’s fax malspam word macros leads to Locky ransomware
The second of today’s Locky ransomware examples is a blank / empty email with the subject saying Blank 2 pretending to come from random names at your own email domain with a zip attachment containing a random numbered WSF ( script file) … Continue reading →
Continue reading Blank 2 pretending to come from your own email address delivers Locky ransomware
Today’s first Locky ransomware example is a blank / empty email with the subject saying something like File: Scan(86) or Emailing: Document(2) or Emailing: Receipt(8) [ random numbered] or other similar generic subjects pretending to come from random names at your own email … Continue reading →
An email with the subject of Attached Image pretending to come from your own email address with a zip attachment which downloads Locky Ransomware They use email addresses and subjects that will entice a user to read the email and open the attachment. … Continue reading →
An email with the subject of Scanned image pretending to come from random names at your own email domain or company with a malicious word doc macro attachment delivers Locky Ransomware They are using email addresses and subjects that will scare or entice … Continue reading →
Continue reading Scanned image pretending to come from your own email domain delivers Locky
An email with the subject of You have received a new fax pretending to come from Incoming Fax <Incoming.Fax@victim domain.tld> with a zip attachment is another one from the current bot runs which delivers some malware. Edit: I am being told it … Continue reading →
Continue reading You have received a new fax from your own email address delivers malware
An email in Spanish language with the subject of NuevoDocumento 1 [ random numbered] pretending to come from random names at your own email domain with a malicious word doc attachment is another one from the current bot runs which downloads … Continue reading →
Continue reading NuevoDocumento 1 pretending to come from random names at your own email domain
An email with the subject of Scan #D34D94C50B_D8B8AAD5BA [ random characters ] pretending to come from HP Scanjet ( random email addresses starting with qwer at your own email domain ) with a zip attachment is another one from the current bot runs which downloads … Continue reading →
Another email with the subject of Emailing: DOC 05-18-2016, 04 49 68 [ random numbered] pretending to come from your own email address with a zip attachment is another one from the current bot runs which downloads what is probably Dridex banking … Continue reading →