Ursnif – Page 3 – WindowsTechs.com

Japanese language fake invoice malspam using macro laden XLS files continue to deliver Ursnif banking Trojans

Posted on June 14, 2017 by Myonlinesecurity

It looks like the Japanese malspams are still continuing to deliver Ursnif /Gozi / ISFB banking Trojans. This one is yet another fake invoice email with the subject of 請求書添付書類について (About invoice attachment documents) , pretending to come from random Japanese email addresses with a malicious Excel XLS attachment that contains macros … Continue reading → Continue reading Japanese language fake invoice malspam using macro laden XLS files continue to deliver Ursnif banking Trojans→

another ursnif attempt from Japanese language malspam using ole objects

Posted on June 13, 2017 by Myonlinesecurity

Still sticking with Japanese malspams downloaders delivering or trying to deliver Ursnif /Gozi / ISFB banking Trojan is yet another email with the subject of Re: [お振込口座変更のご連絡 Re: [Notice of transfer account change , pretending to come from random Japanese email addresses with a malicious word doc attachment that contains … Continue reading → Continue reading another ursnif attempt from Japanese language malspam using ole objects→

more Japanese language invoice malspam delivering Ursnif

Posted on June 12, 2017 by Myonlinesecurity

Yet another in the never ending series of Japanese language malspam malware downloaders delivering Ursnif /Gozi / ISFB banking Trojan is this email with the subject of 請求書 (invoice). These emails are coming in slightly malformed and outlook doesn’t want to open them or display them properly. This might be a language … Continue reading → Continue reading more Japanese language invoice malspam delivering Ursnif→

More Japanese Language invoice malspam delivering ursnif banking Trojan

Posted on June 7, 2017 by Myonlinesecurity

Back to the never ending series of Japanese language malspam malware downloaders delivering Ursnif /Gozi / ISFB banking Trojan is yet another email with the subject of 請求書を添付 (Attach invoice). These emails are coming in slightly malformed and outlook doesn’t want to open them or display them properly. This might be … Continue reading → Continue reading More Japanese Language invoice malspam delivering ursnif banking Trojan→

fake parcel delivery services malspam with word doc attachment delivers ursnif banking Trojan

Posted on May 18, 2017 by Myonlinesecurity

A slightly different one today and I am not sure how many recipients will be infected by this. On my server, some are being delivered with the word doc attachment, but about half are just getting the email body with an HTML attachment which has the same details as the email body and … Continue reading → Continue reading fake parcel delivery services malspam with word doc attachment delivers ursnif banking Trojan→

More Japanese language ursnif delivered by spoofed japan express malspam using word docs with embedded ole objects inside zip files

Posted on May 18, 2017 by Myonlinesecurity

Continuing with the never ending series of Japanese language malspam malware downloaders delivering Ursnif /Gozi / ISFB banking Trojan is yet another email with the subject of 支払条件確認書 (Terms of payment Confirmation) pretending to come from random Japanese email addresses with a zip file containing a malicious word doc attachment that … Continue reading → Continue reading More Japanese language ursnif delivered by spoofed japan express malspam using word docs with embedded ole objects inside zip files→

Japanese language parking violation malspam delivers Ursnif

Posted on May 17, 2017 by Myonlinesecurity

It looks like the Japanese malspams are also trying the parking or speeding fine approach. Continuing with the never ending series of Japanese language malspam malware downloaders delivering Ursnif /Gozi / ISFB banking Trojan is yet another email with the subject of 駐禁報告書 ( Invitation Report) or (The report of the bicycle ) depending … Continue reading → Continue reading Japanese language parking violation malspam delivers Ursnif→

Even more Japanese language malspam delivering Ursnif banking trojan

Posted on May 16, 2017 by Myonlinesecurity

Continuing with the mass of Japanese language malspam delivering Ursnif /Gozi / ISFB banking Trojan is yet another email with the subject of 保安検査 ( Security Check) pretending to come from with a malicious word doc attachment that contains embedded ole objects where you have to manually click on the blurry … Continue reading → Continue reading Even more Japanese language malspam delivering Ursnif banking trojan→

Japanese language malspam Parking lot rental cancellation delivers more ursnif banking Trojan

Posted on May 15, 2017 by Myonlinesecurity

I must be missing something in the auto translation of this Japanese Language malspam which just doesn’t make a lot of sense when translated. I think it pretends to be a cancellation for renting a parking lot in Japan somewhere that will take place on 1 June which delivers Ursnif … Continue reading → Continue reading Japanese language malspam Parking lot rental cancellation delivers more ursnif banking Trojan→

Japanese language spoofed travel reservation and invoice malspam delivers Ursnif banking Trojan

Posted on May 15, 2017 by Myonlinesecurity

Continuing with the never ending series of malware downloaders is a Japanese language malspam email with the subject of 予約完了[るるぶトラベル] (Reservation complete [Ruu Travel]) pretending to come from support@rurubu.travel with a zip attachment with a Japanese character set name which delivers ursnif / Gozi / ISFB banking Trojan. We are also seeing these … Continue reading → Continue reading Japanese language spoofed travel reservation and invoice malspam delivers Ursnif banking Trojan→