Japanese language malspam – WindowsTechs.com

Express Mail Service (EMS) fake invoice with Japanese language content malspam delivers banking Trojan

Posted on July 6, 2017 by Myonlinesecurity

Continuing with the never ending series of Japanese language malspam malware downloaders that normally deliver Ursnif /Gozi / ISFB banking Trojan is yet another email with the subject of Express Mail Service (EMS) with an XLS attachment with embedded macros. Quite unusually for this gang, all the versions we have received so … Continue reading → Continue reading Express Mail Service (EMS) fake invoice with Japanese language content malspam delivers banking Trojan→

Express Mail Service (EMS) fake invoice with Japanese language content malspam delivers banking Trojan

Posted on July 6, 2017 by Myonlinesecurity

Japanese language malspam currently spreading different banking Trojans

Posted on June 29, 2017 by Myonlinesecurity

Just a very quick short post about the Japanese language malspam currently spreading different banking Trojans. Today they are back to malicious macros inside Excel XLS files. I am seeing 2 different versions of the xls attachments so far today with numerous different emails, subjects and body content. All the … Continue reading → Continue reading Japanese language malspam currently spreading different banking Trojans→

Japanese language invoice malspam using js files inside zips today

Posted on June 27, 2017 by Myonlinesecurity

Overnight we have seen another mass Japanese Malspam campaign with a change to the malware downloaders delivering some sort of malware that is being detected on VirusTotal as a ransomware. I am not certain that is a correct detection. This gang traditionally deliver Ursnif / Gozi banking Trojan and it has … Continue reading → Continue reading Japanese language invoice malspam using js files inside zips today→

Japanese language fake invoice malspam using macro laden XLS files continue to deliver Ursnif banking Trojans

Posted on June 14, 2017 by Myonlinesecurity

It looks like the Japanese malspams are still continuing to deliver Ursnif /Gozi / ISFB banking Trojans. This one is yet another fake invoice email with the subject of 請求書添付書類について (About invoice attachment documents) , pretending to come from random Japanese email addresses with a malicious Excel XLS attachment that contains macros … Continue reading → Continue reading Japanese language fake invoice malspam using macro laden XLS files continue to deliver Ursnif banking Trojans→

another ursnif attempt from Japanese language malspam using ole objects

Posted on June 13, 2017 by Myonlinesecurity

Still sticking with Japanese malspams downloaders delivering or trying to deliver Ursnif /Gozi / ISFB banking Trojan is yet another email with the subject of Re: [お振込口座変更のご連絡 Re: [Notice of transfer account change , pretending to come from random Japanese email addresses with a malicious word doc attachment that contains … Continue reading → Continue reading another ursnif attempt from Japanese language malspam using ole objects→

more Japanese language invoice malspam delivering Ursnif

Posted on June 12, 2017 by Myonlinesecurity

Yet another in the never ending series of Japanese language malspam malware downloaders delivering Ursnif /Gozi / ISFB banking Trojan is this email with the subject of 請求書 (invoice). These emails are coming in slightly malformed and outlook doesn’t want to open them or display them properly. This might be a language … Continue reading → Continue reading more Japanese language invoice malspam delivering Ursnif→

More Japanese Language invoice malspam delivering ursnif banking Trojan

Posted on June 7, 2017 by Myonlinesecurity

Back to the never ending series of Japanese language malspam malware downloaders delivering Ursnif /Gozi / ISFB banking Trojan is yet another email with the subject of 請求書を添付 (Attach invoice). These emails are coming in slightly malformed and outlook doesn’t want to open them or display them properly. This might be … Continue reading → Continue reading More Japanese Language invoice malspam delivering ursnif banking Trojan→

More Japanese language ursnif delivered by spoofed japan express malspam using word docs with embedded ole objects inside zip files

Posted on May 18, 2017 by Myonlinesecurity

Continuing with the never ending series of Japanese language malspam malware downloaders delivering Ursnif /Gozi / ISFB banking Trojan is yet another email with the subject of 支払条件確認書 (Terms of payment Confirmation) pretending to come from random Japanese email addresses with a zip file containing a malicious word doc attachment that … Continue reading → Continue reading More Japanese language ursnif delivered by spoofed japan express malspam using word docs with embedded ole objects inside zip files→

Japanese language parking violation malspam delivers Ursnif

Posted on May 17, 2017 by Myonlinesecurity

It looks like the Japanese malspams are also trying the parking or speeding fine approach. Continuing with the never ending series of Japanese language malspam malware downloaders delivering Ursnif /Gozi / ISFB banking Trojan is yet another email with the subject of 駐禁報告書 ( Invitation Report) or (The report of the bicycle ) depending … Continue reading → Continue reading Japanese language parking violation malspam delivers Ursnif→