Collaborate Disseminate
An email with the subject of Pay for driving on toll road, invoice #00212297 [ random numbered] pretending to come from random senders with a zip attachment is another one from the current bot runs which downloads They use email addresses and subjects that … Continue reading → Continue reading FW: Latest order delivery details random company – JS malware leads to Dridex
A French language email with the subject of Facture : 1985 corrigée pretending to come from Louis – Buvasport <louis6@buvasport.com> ( random numbers after Louis) with a zip attachment is another one from the current bot runs which downloads They use email addresses … Continue reading → Continue reading Facture : 1985 corrigée Buvasport – JS malware Locky downloader
An email with the subject of Your Latest Documents from Angel Springs Ltd [88665A9D][ random numbered] pretending to come from random senders with a zip attachment is another one from the current bot runs which downloads They use email addresses and subjects that … Continue reading → Continue reading Your Latest Documents from Angel Springs Ltd [88665A9D] – JS malware leads to #Teslacrypt
An email with the subject of Act pretending to come from Nikolai Volkov <Volkov@info.com> with a RAR attachment is another one from the current bot runs which try to download various Trojans and password stealers especially banking credential stealers, which may include cridex, … Continue reading → Continue reading act – unknown ransomware
An empty / blank email with the subject of Business Card pretending to come from Tracey Gittens <traceygittens@hotmail.com> with a zip attachment is another one from the current bot runs which downloads Dridex banking Trojan They use email addresses and subjects that will … Continue reading → Continue reading Business Card Tracey Gittens – JS malware leads to Dridex
An email with no subject pretending to come from Liberty Wines, Invoicing <invoicing@libertywines.co.uk> with a zip attachment is another one from the current bot runs which downloads an unknown malware probably either Locky ransomware or Dridex banking Trojan They use email addresses and … Continue reading → Continue reading Liberty Wines Invoicing – JS malware
An email with the subject of New Voicemail Message From 07792084437 [ random numbers] pretending to come from Soho66 <noreply@soho66.co.uk> with a zip attachment is another one from the current bot runs which downloads some sort of malware that analysis is inconclusive. … Continue reading → Continue reading Soho66 New Voicemail Message From 07792084437 – JS malware
An email with the subject of Unpaid Bill for Car Repair Service 7650 [ random numbered] pretending to come from random names and email addresses with a zip attachment is another one from the current bot runs which downloads teslacrypt They use email addresses … Continue reading → Continue reading Unpaid Bill for Car Repair Service 7650 – JS malware leads to Teslacrypt
An email with the subject of Actual Status on Your Balance 49166 [ random numbered] pretending to come from random names and email addresses with a zip attachment is another one from the current bot runs which downloads Teslacrypt ransomware They use email … Continue reading → Continue reading Actual Status on Your Balance 49166 – JS malware leads to Teslacrypt ransomware
An email with the subject of Invoice: 912409 pretending to come from UK e-pay Email Server (epay UK) <DO.NOT.REPLY.TO@uk.epayworldwide.com> with a zip attachment is another one from the current bot runs which downloads Dridex banking Trojan They use email addresses and subjects that … Continue reading → Continue reading Invoice: 912409 UK e-pay Email Server – JS malware leads to Dridex