A Phishing Attack That Delivers Three Forms Of Malware

A phishing campaign targeting Microsoft Windows users delivers three different forms of malware, all designed to steal sensitive information from victims. 

Cyber security researchers at Fortinet have released information regarding a phishing campaign targeting Microsoft Windows users. The phishing campaign leverages three different forms of malware, all of which are designed to steal sensitive information and credentials from victims. 

The malware types used in the campaign are AveMariaRAT, BitRAT, and PandoraHVNC, a trojan malware. By inserting malicious links into the phishing emails, the attackers are able to harvest usernames, passwords, and bank details entered by the victims.

According to Fortinet, the BitRAT malware is especially dangerous because it can take full control of infected Windows systems, including access to the camera and audio, and has crypto-mining abilities.

The initial phishing message is designed to appear as though the target is receiving a payment from a trusted source. The message also requests that the target open an attached Microsoft Excel document. However, Fortinet says that the file contains malicious macros and that Microsoft Excel flags the document as a potential security concern.

Users should be wary of unexpected emails claiming to contain vital information hidden in attachments, particularly if that attachment requires you to enable macros first. If the email claims to come from a colleague or business associate, you should contact them using a method other than email to verify who sent it.

Just as fishing lures used to catch fish have grown more sophisticated, so have techniques used to perpetrate phishing. Increasingly, “phishing” emails do more than just impersonate a bank in the effort to steal consumers’ information. Thieves may send a spam email message, instant message, or pop-up message that infects the consumer’s PC with spyware or ransomware and gives control of it to the thief. 

A spam message may infect your computer when you click a link or picture in the spam message, or when you open an attachment to a spam message. If your PC is poorly secured, it may be infected as soon as you open the spam message itself.

Businesses can also help employees avoid falling victim to phishing emails by using appropriate anti-spam and anti-virus software, as well as training users on how to spot and report phishing emails.
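
As an added illustration (not code from Fortinet or from this article), a mail-filtering check of the kind described above can flag Office attachments that carry VBA macros before they reach users. The sample message, addresses and file names are constructed; detection relies on the `vbaProject.bin` part that macro-enabled OOXML files contain, and legacy OLE2 files are only marked for deeper inspection.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

OLE2_MAGIC = bytes.fromhex("D0CF11E0A1B11AE1")  # legacy .xls/.doc container signature

def macro_verdict(data: bytes) -> str:
    """Classify one attachment: 'vba-macro', 'legacy-ole', or 'clean'."""
    if data.startswith(OLE2_MAGIC):
        # Legacy binary Office file: macros are possible, a full OLE parser is needed.
        return "legacy-ole"
    if zipfile.is_zipfile(io.BytesIO(data)):
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            # OOXML files store their VBA project in a part named vbaProject.bin.
            if any(n.lower().endswith("vbaproject.bin") for n in zf.namelist()):
                return "vba-macro"
    return "clean"

def scan_message(raw: bytes) -> dict:
    """Return {attachment filename: verdict} for every attachment in a raw email."""
    msg = message_from_bytes(raw, policy=policy.default)
    results = {}
    for part in msg.iter_attachments():
        payload = part.get_payload(decode=True) or b""
        results[part.get_filename() or "(unnamed)"] = macro_verdict(payload)
    return results

def build_sample() -> bytes:
    """Constructed sample: a payment-themed email with two spreadsheet attachments."""
    def ooxml(with_macro: bool) -> bytes:
        buf = io.BytesIO()
        with zipfile.ZipFile(buf, "w") as zf:
            zf.writestr("[Content_Types].xml", "<Types/>")
            if with_macro:
                zf.writestr("xl/vbaProject.bin", b"placeholder, not real VBA")
        return buf.getvalue()
    msg = EmailMessage()
    msg["From"] = "accounts@example.com"
    msg["To"] = "user@example.org"
    msg["Subject"] = "Payment advice"
    msg.set_content("Please open the attached report.")
    for name, macro in (("remittance.xlsm", True), ("summary.xlsx", False)):
        msg.add_attachment(ooxml(macro), maintype="application",
                           subtype="octet-stream", filename=name)
    return msg.as_bytes()

if __name__ == "__main__":
    for name, verdict in scan_message(build_sample()).items():
        print(f"{name}: {verdict}")
```

A gateway would quarantine or strip anything not marked `clean`; the check inspects content rather than trusting the file extension.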

Fortinet / Oodaloop / ZDNet / US Business Reviews / Flipboard
