Collaborate Disseminate
Trickbot is back with a vengeance. I have seen a couple of mentions on Twitter earlier this week but haven’t actually been able to find any copies myself. However that all changed last night with several emails to various email addresses on my s… Continue reading Trickbot with multiple changes via fake Chase JP Morgan incoming confirmation
Last night we received several emails to various email addresses on this server using a template we first saw back in Early December 2018. They are still using Rosie L. Ashton as the sender. Then it delivered Ursnif banking trojan. Today it is deliver… Continue reading Gandcrab 5.1 via Uр to date emergenсy exit maр malspam from Rosie L. Ashton
It looks like we have a new Ransomware spreading as a nice Christmas Present. This is being identified as Criakl by Anyrun , but if it is criakl, then it is a new version . Criakl was around in 2014 and has been seen sporadically since then, but hasn&#… Continue reading new Ransomware possibly criakl version
I am seeing changes to the password protected word docs campaign we have been seeing for ages. I am not sure what malware payload we are getting today. It looks different to all the usual previous ones. Last week they changed from Nymaim to IceD. They … Continue reading Password Protected word docs malware campaigns continue
This example is today’s latest spoof or imitation of a well-known company, bank or public authority delivering Trickbot banking Trojan. The email with the subject of “Payment Advice Ref: 2 / Customer Ref: P” pretends to come from HSBC but a… Continue reading trickbot via fake HSBC Payment Advice
An old favourite lure with this email with the subject of “DHL Shipping of Original invoice B/L dated 26/10/2018” pretending to come from DHL EXPRESS – < noreply@dhl.com > with a malicious word doc attachment delivers Remcos… Continue reading More Fake DHL invoices delivering Remcos RAT via office XML files
I don’t normally post much about Emotet here for a few reasons. I don’t see much sent to me in UK, although it is prolific. The emails are generally so generic and are fake invoices or orders, with nothing particularly interesting or alerti… Continue reading Fake Amazon Cyber Monday coupon delivers Emotet
This example is today’s latest spoof or imitation of a well-known company, bank or public authority delivering Trickbot banking Trojan. The email with the subject of ” BACs Transaction Report – Important Information! ” Pretends to co… Continue reading trickbot via fake BACs Transaction Report – Important Information!
This example is today’s latest spoof or imitation of a well-known company, bank or public authority delivering Trickbot banking Trojan. The email with the subject of ” Transaction Report – Important Information! ” pretends to come fro… Continue reading trickbot via fake Danske Bank Transaction Report – Important Information!
This example is today’s latest spoof or imitation of a well-known company, bank or public authority delivering Trickbot banking Trojan. The email with the subject of “ADP Notification – Transaction Report” pretends to come from ADP Au… Continue reading trickbot via Fake ADP Notification – Transaction Report