
This phishing attack delivers three forms of malware. And they all want to steal your data


A phishing campaign targeting Microsoft Windows users delivers three different forms of malware, all designed to steal sensitive information from victims.

Detailed by cybersecurity researchers at Fortinet, those who unintentionally run the malicious attachment sent in phishing emails fall victim to AveMariaRAT, BitRAT and PandoraHVNC trojan malware.

The campaign allows cyber criminals to steal usernames, passwords and other sensitive information, including bank details. BitRAT is particularly dangerous to victims, because it can take full control of infected Windows systems, complete with the ability to view webcam activity, listen to audio through the microphone, secretly mine for cryptocurrency that goes into a wallet owned by the attackers and download additional malicious files.

The initial phishing message is designed to look like a payment report from a trusted source, with a short request to open an attached Microsoft Excel document.


This file contains malicious macros and researchers note that when the document is opened, Microsoft Excel flags potential security concerns about the use of macros. If the user ignores this and opens the file, it starts the process of delivering malware.

Using Visual Basic for Applications (VBA) scripts and PowerShell, the malware is retrieved for installation onto the victim’s machine. The PowerShell code is split into three parts, one for each of the three forms of malware, and each part can install its payload.

It’s not detailed why the phishing email delivers three malware payloads, but it’s likely that with three different forms of malware to deploy, there’s a greater chance of the cyber criminals being able to gain access to whatever sensitive information they’re looking to steal.

Phishing remains one of the most common methods cyber criminals use to deliver malware – because put simply, it’s effective – but there are things which can be done to avoid falling victim.

Users should be wary of unexpected emails claiming to contain important information hidden in attachments – particularly if that attachment requires macros to be enabled first. If possible, for example if the email claims to come from a colleague or business associate, contact them using a method other than email to check whether they really sent it.

Businesses can also help employees avoid falling victim to phishing emails by using appropriate anti-spam and anti-virus software, as well as training users on how to spot and report phishing emails.
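One check a mail filter can run against the kind of lure described above, shown as an added example that is not from the article or from Fortinet's report: it walks a message's attachments and flags any Office file that carries a VBA project, judging by content rather than by file extension. The function names, the sample message and the addresses are constructed for illustration, and the legacy-format check is a byte-pattern heuristic; a hit means the file can run macros, not that it is malicious.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

OLE_MAGIC = bytes.fromhex("D0CF11E0A1B11AE1")  # legacy .xls/.doc container header

def has_vba(data: bytes) -> bool:
    """True if an Office file appears to carry a VBA project (macro-capable)."""
    if data.startswith(OLE_MAGIC):
        # Heuristic: OLE directory entry names are stored as UTF-16LE text.
        return "_VBA_PROJECT".encode("utf-16-le") in data
    if zipfile.is_zipfile(io.BytesIO(data)):  # OOXML (.xlsm, .xlsb, .xlam, ...)
        with zipfile.ZipFile(io.BytesIO(data)) as z:
            return any(n.lower().endswith("vbaproject.bin") for n in z.namelist())
    return False

def macro_attachments(raw_eml: bytes) -> list[str]:
    """Return filenames of attachments that contain a VBA project."""
    msg = message_from_bytes(raw_eml, policy=policy.default)
    flagged = []
    for part in msg.iter_attachments():
        data = part.get_payload(decode=True) or b""
        if has_vba(data):  # content decides, the extension is not trusted
            flagged.append(part.get_filename() or "<unnamed>")
    return flagged

def sample_eml() -> bytes:
    """Constructed message: one macro-enabled workbook, one plain workbook."""
    def workbook(with_macro: bool) -> bytes:
        buf = io.BytesIO()
        with zipfile.ZipFile(buf, "w") as z:
            z.writestr("xl/workbook.xml", "<workbook/>")
            if with_macro:
                z.writestr("xl/vbaProject.bin", b"placeholder, not real VBA")
        return buf.getvalue()
    msg = EmailMessage()
    msg["Subject"] = "Payment report"
    msg["From"] = "sender@example.com"
    msg["To"] = "user@example.com"
    msg.set_content("Please see the attached report.")
    for name, macro in (("report.xlsm", True), ("summary.xlsx", False)):
        msg.add_attachment(workbook(macro), maintype="application",
                           subtype="octet-stream", filename=name)
    return msg.as_bytes()

if __name__ == "__main__":
    print(macro_attachments(sample_eml()))
```

Flagged messages can be quarantined or have the attachment stripped before delivery, so the user never reaches the point of deciding whether to enable macros.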
