Collaborate Disseminate
The next in the never ending series of Locky downloaders is an email with the subject of Account report coming as usual from random companies, names and email addresses with a random named zip attachment containing 2 identical .WSF files. … Continue reading →
Yet another one in the never ending series of Locky downloaders is an email with the subject of payment copy coming as usual from random companies, names and email addresses with a random named zip attachment containing a WSF file. … Continue reading →
Continue reading payment copy malspam delivers Locky / Zepto
Another one in the multitude of daily phishing emails trying to steal your PayPal account. This one is worth mentioning because of the bad spelling and grammar that proves this does not come from an English speaking criminal The original … Continue reading →
Following on from THIS post earlier today which has created some discussion on Twitter amongst various InfoSec professionals, I want to expand slightly. Whether this is actually an APT ( Advanced Persistent Threat) or not is open to discussion. I … Continue reading →
Continue reading Is it an APT or just another everyday malware attack
This Twitter tweet caught my attention and I decided to look into it a bit deeper. Wake up to find that Barclays Bank Plc (.org) will be paying me £1m after winning Coca-Cola’s annual email draw! Anybody reading this would … Continue reading →
The third of today’s Locky ransomware malspam deliveries is an email with the subject of monthly report coming from random senders, companies and email addresses with a zip attachment They use email addresses and subjects that will entice a user to read the … Continue reading →
An email with the subject of Voice Message from Outside Caller (3m 54s) [ random length ] pretending to come from Peach Telecom <peach_necsv06@hotmail.com> ( random number after peach_necsv ) with a zip attachment which downloads Locky / Zepto ransomware They use email … Continue reading →
Continue reading Voice Message from Outside Caller (3m 54s) Peach Telecom delivers #Locky /#Zepto
Following on from THIS post ( and THESE earlier ones) about Java Adwind Trojans being delivered by various financial themed emails, we are seeing a new method of distribution of the Java Adwind Trojan using these financial themed emails with … Continue reading →
Continue reading Java Adwind embedded in word doc xpress money
A blank email with the subject of Emailing: Image15.jpg [ random numbered] pretending to come from random senders at your own email domain or company with a zip attachment containing an encrypted HTA file They use email addresses and subjects that will entice a user … Continue reading →
Continue reading Emailing: Image15.jpg malspam using HTA files delivers Locky ransomware
This Morning’s first Locky ransomware delivering malspam is an email with the subject of Statement coming from random senders, companies and email addresses with a random named zip attachment containing a JavaScript file that pretends to be a financial statement. Over the last … Continue reading →