Collaborate Disseminate
An unpleasant way to come back after the Bank Holiday weekend ( in UK ) is an email with the subject of You Are Fired 24534F3 [ random characters] pretending to come from random names and email addresses with a zip attachment which … Continue reading → Continue reading You Are Fired 24534F3 – JS malware Downloads Locky
An email with the subject of Third Reminder – Outstanding Account pretending to come from random senders and companies with a zip attachment is another one from the current bot runs which downloads Locky ransomware or is supposed to, but our “friendly” … Continue reading → Continue reading Third Reminder – Outstanding Account – JS malware – Stupid Locky vigilante strikes again
Another blank email with the subject of hi prnt with a zip attachment is another one from the current bot runs which downloads Locky ransomware They use email addresses and subjects that will entice a user to read the email and open … Continue reading → Continue reading hi prnt pretending to come from your own email address JS malware delivers Locky
It definitely looks like the Dridex /Locky gang and whatever botnet they are using have a big downer on Avira Antivirus. Yesterday we saw this campaign, where the js file had some nasty denigrating phrases about Avira’s CEO Travis Witteveen. … Continue reading → Continue reading Second Reminder – Unpaid Invoice should be js malware but instead is a Joe Job against Avira antivirus
Yet another set of emails with blank empty bodies pretending to come from scanner@, copier@, epson@, canon@, hp@ and any other copier/printer/scanner/MFD at your own domain with one of these subjects Attached Doc / Attached File / Attached Image / Attached Document with … Continue reading → Continue reading another set of emails pretending to come from scanner@ copier@ epson@ canon@ hp@ your own domain JS malware delivering Locky
A really massive malspam run this afternoon UK time. With emails with multiple subjects including Amount overdue [IMPORTANT] and Latest invoice [IMPORTANT] pretending to come from random names and email addresses with a zip attachment is another one from the current bot runs which downloads … Continue reading → Continue reading emails with multiple subjects including Amount overdue [IMPORTANT] and Latest invoice [IMPORTANT] – JS malware
The Dridex / Locky malware gang are really going to town again today. The latest is an email with the subject of insurance – Customer 86765 [ random numbered] pretending to come from random names and email addresses with a zip … Continue reading → Continue reading insurance – Customer 86765 – JS malware
An email with the subject of Unpaid Fine – Case No.743379 [ random numbered] pretending to come from random senders and email addresses with a zip attachment is another one from the current bot runs which downloads some malware probably Locky ransomware or … Continue reading → Continue reading Unpaid Fine – Case No.743379 – JS malware
Yet another set of blank emails with varying subjects like Scan10, Document0, Doc9, file337 [ all random numbered] pretending to come from your own email address with a zip attachment is another one from the current bot runs which downloads rockloader which in turn downloads … Continue reading → Continue reading blank emails with varying subjects like Scan10, Document0, Doc9, file337 [ all random numbered] pretending to come from your own email address – JS malware downloads Locky
Another set of emails with the subject of FW: Invoice pretending to come from random senders with a zip attachment is another one from the current bot runs which downloads some sort of malware which is highly likely to end up with either … Continue reading → Continue reading FW: Invoice – JS malware