Collaborate Disseminate
A slightly different malware than usual to report on this morning. I haven’t previously seen an out and out destructive malware like this sent in mass malspam for many years. It must be intended to act as some sort of ransomware but there is no … Continue reading renamer destructive malware via fake inquiry email
With Christmas over we are starting to see an increase in malware campaigns. It is not up to the usual level yet because the Russian Gangs are still on their Xmas breaks, but the rest of the scumbags are trying to make up for it. Some like this one are… Continue reading Lokibot via Fake DHL quotation using .ace attachments
We are still seeing a lot of Lokibot hitting the UK. We don’t bother to post about most of them, because the subjects & emails are so generic that there normally is nothing particularly identifiable about them. However overnight we received a… Continue reading Fake UNILEVER PURCHASE ORDER #091223 for acknowledgement delivers Lokibot
I have no idea at this time what malware is being delivered with this campaign. However it is abusing Microsoft, Google and Amazon AWS services. When I first saw the email, I thought it was likely to be a phishing email, so was quite surprised when … Continue reading Fake Facebook reported photo scam delivering malware
Yet another fake or spoofed DHL delivery notification delivering what looks like Agent Tesla keylogger. An email with the subject of “Vessel Schedule ETD:AUG 26 ,ETA:SEP 20” coming from Donald Townsend <comercial@twistermedical.com>… Continue reading Fake DHL delivery notification Agent Tesla Keylogger
Following on from last week with an almost identical DHL malware campaign, today I am seeing yet another email pretending to be a DHL Shipment Notification with the subject of Arrival Notice For BL – 06/08/2018 / Vessel – DHL ATLAN… Continue reading Fake DHL Arrival Notice or Shipment Notice delivers malware via embedded exe files inside MP3 music files
An email with the subject of PAYMENT RECEIPT coming from Cynehen Mbakpobe <cynehenglobalcompanyltd@yahoo.com> with a zip attachment which contains some sort of keylogger. They use email addresses and subjects that will entice a user to rea… Continue reading Fake “PAYMENT RECEIPT” delivers some sort of Keylogger
Yet another email pretending to be a DHL Shipment Notification with the subject of Shipment Notification pretending to come from DHL but actually coming from dhl@paperattention.com with a malicious word doc attachment delivers some sort of malware…. Continue reading Fake DHL Shipment Notification delivers malware
An email with the subject of coming from Purchase <ACPM@REAGAN.COM> with a link in the email body that uses a chain to eventually download what looks like some sort of keylogger Update: I am assured this is Agent Tesla Keylogger. I always fin… Continue reading Fake Quote PO ACPM@REAGAN.COM delivers a keylogger
The next in the never ending series of malware delivery emails is an email with the subject of Re: Shipping arrangement process pretending to come from Valero.com but coming from Anna Brugt <dhen.ordonez@ritetrend.com.ph> They use email addresses and subjects that will entice, persuade, scare or shock a recipient to read the … Continue reading → Continue reading Fake Valero.com Re: Shipping arrangement process malspam delivers malware