Dridex Omicron phishing taunts with funeral helpline number

A malware distributor for the Dridex banking malware has been toying with victims and researchers over the last few weeks. The latest example is a phishing campaign that taunts victims with a COVID-19 funeral assistance helpline number.
Dridex is banking malware distributed through phishing emails containing malicious Word or Excel attachments. When these attachments are opened and macros are enabled, the malware can be downloaded and installed on the victim's system.
Once installed, Dridex will attempt to steal online banking credentials, spread to other machines, and possibly provide remote network access for ransomware attacks.
COVID-19 Omicron variant used as a lure
Over the past few weeks, one of the Dridex phishing email distributors has been having fun toying with victims and researchers.
This was first seen when the threat actor began trolling security researchers by using their names combined with racist comments as malware file names and email addresses.
Earlier this week, the threat actor spammed fake employee termination letters that displayed an alert stating, “Merry X-Mas Dear Employees!”, after infecting their system.
In a new phishing campaign discovered by MalwareHunterTeam and 604Kuzushi, this same threat actor took it to the next level by spamming emails with a subject of “COVID-19 testing result” that state the recipient was exposed to a coworker who tested positive for the Omicron COVID-19 variant.
“This letter is to inform you that you have been exposed to a coworker who tested positive for OMICRON variant of COVID-19 sometime between December 18th and 20th,” reads the new phishing email shown below.
“Please take a look at the details in the attached document.”

Dridex phishing email stating you were exposed to Omicron COVID-19 variant
The email includes a password-protected Excel attachment and the password needed to open the document. Once the password is entered, the recipient is shown a blurred COVID-19 document and is prompted to ‘Enable Content’ to view it.

Blurred document lure to convince users to enable macros
Source: BleepingComputer
To add insult to injury, after macros are enabled and the system becomes infected, the threat actor taunts victims by displaying an alert containing the phone number for the “COVID-19 Funeral Assistance Helpline.”

A bad joke showing the COVID-19 Funeral Assistance Helpline number
Source: BleepingComputer
With the COVID-19 variant being highly contagious and rapidly spreading worldwide, phishing emails about the Omicron variant are becoming common and are likely highly effective in distributing malware.
This is especially true if the phishing campaign pretends to be from a company's human resources department and targets employees from the same company.
As Dridex phishing campaigns are currently using password-protected attachments, enterprises need to train their employees to spot and avoid these types of attacks.
As always, if you receive unexpected emails or one that contains unusual attachments, always reach out to your network admin or other people in the office to determine if the email is legitimate.
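Training can be backed by a mail-gateway check for the delivery pattern described above: an encrypted Office attachment sent together with its password in the message body. The following is an added example, not code from the article or from any product. It assumes the attachment uses OOXML encryption, which wraps the file in an OLE container holding "EncryptionInfo" and "EncryptedPackage" streams; the function names, sample message and password are constructed for illustration.

```python
import re
from email import message_from_bytes, policy
from email.message import EmailMessage

OLE_MAGIC = bytes.fromhex("D0CF11E0A1B11AE1")
# Stream names are stored as UTF-16LE in the OLE directory of an encrypted OOXML file.
ENC_MARKERS = [s.encode("utf-16-le") for s in ("EncryptionInfo", "EncryptedPackage")]
OFFICE_EXT = (".xls", ".xlsx", ".xlsm", ".xlsb", ".doc", ".docx", ".docm")
PASSWORD_HINT = re.compile(r"\b(password|passcode)\b", re.I)

def is_encrypted_ooxml(data: bytes) -> bool:
    """Heuristic: OLE container that carries both OOXML encryption streams."""
    return data.startswith(OLE_MAGIC) and all(m in data for m in ENC_MARKERS)

def triage(raw: bytes) -> dict:
    """Flag mail that ships an encrypted Office file plus a password in the body."""
    msg = message_from_bytes(raw, policy=policy.default)
    body = msg.get_body(preferencelist=("plain", "html"))
    text = body.get_content() if body else ""
    hits = []
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").lower()
        data = part.get_payload(decode=True) or b""
        if name.endswith(OFFICE_EXT) and is_encrypted_ooxml(data):
            hits.append(name)
    password_in_body = bool(PASSWORD_HINT.search(text))
    return {"encrypted_attachments": hits,
            "password_in_body": password_in_body,
            "quarantine": bool(hits) and password_in_body}

def build_sample(encrypted: bool, body: str) -> bytes:
    """Constructed test message; the attachment is a stub, not a real workbook."""
    msg = EmailMessage()
    msg["Subject"] = "COVID-19 testing result"
    msg.set_content(body)
    blob = OLE_MAGIC + b"\x00" * 64
    if encrypted:
        blob += b"".join(ENC_MARKERS)
    msg.add_attachment(blob, maintype="application",
                       subtype="octet-stream", filename="result.xlsx")
    return msg.as_bytes()

if __name__ == "__main__":
    print(triage(build_sample(True, "Password to open the document: 1234")))
```

Legacy binary .xls encryption uses a different mechanism and is not covered by this check; a match is a reason to quarantine for review, since the gateway cannot scan the encrypted content.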