A Phishing Attack That Delivers Three Forms Of Malware

Uploaded on 2022-05-25 in NEWS-Cybersecurity News, FREE TO VIEW

A phishing campaign targeting Microsoft Windows users delivers three different forms of malware, all designed to steal sensitive information from victims. 

Cyber security researchers at Fortinet have released information regarding a phishing campaign targeting Microsoft Windows users. The phishing campaign leverages three different forms of malware, all of which are designed to steal sensitive information and credentials from victims. 

The malware types used in the campaign are AveMariaRAT, BitRAT, and PandoraHVNC, a trojan malware. By inserting malicious links into the phishing emails, the attackers are able to harvest usernames, passwords, and bank details entered by the victims.

According to Fortinet, the BitRAT malware is especially dangerous as it possesses the capacity to take full control of infected Windows systems, including access to the camera, audio and crypto mining abilities. 

The initial phishing message is designed to appear as though the target is receiving a payment from a trusted source. The message also requests that the target open an attached Microsoft Excel document. However, Fortinet says that the file contains malicious macros and that Microsoft Excel flags the document as a potential security concern.

Users should be wary of unexpected emails claiming to contain vital information hidden in attachments, particularly if that attachment requires you to enable macros first. If the email claims to come from a college or business associate, you should contact them using a different method than email to verify who sent the email. 

Just as fishing lures used to catch fish have grown more sophisticated, so have techniques used to perpetrate phishing. Increasingly, “phishing” emails do more than just impersonate a bank in the effort to steal consumers’ information. Thieves may send a spam email message, instant message, or pop-up message that infects the consumer’s PC with spyware or ransomware and gives control of it to the thief. 

A spam message may infect your computer when you click a link or picture in the spam message, or when you open an attachment to a spam message. If your PC is poorly secured, it may be infected as soon as you open the spam message itself.

Businesses can also help employees avoid falling victim to phishing emails by using appropriate anti-spam and anti-virus software, as well a training users on how to spot and report phishing emails. 

Fortinet:      Oodaloop:      ZDNet:     US Business Reviews:    Flipboard:      

You Might Also Read: 

Some Apps Come Loaded With Malware:

 

« How To Build A Successful Zero Trust Strategy For Data Analytics Users
Intelligent Solutions: How Innovation Is Helping To Suppress Cyber Attacks »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

Ascentor

Ascentor

Ascentor specialises in independent information and cyber security consultancy. We’re experienced industry experts, providing cyber security services since 2004.

Cyacomb

Cyacomb

Cyacomb (formerly Cyan Forensics) provides digital forensics software to help police forces find evidence on computers many times faster than before.

Avansic

Avansic

Avansic is a leading provider of e-discovery and digital forensics services to attorneys, litigation support teams, and business communities.

CyberSeek

CyberSeek

CyberSeek provides detailed, actionable data about supply and demand in the cybersecurity job market.

ISARA Corp

ISARA Corp

ISARA Corporation is a security solutions company specializing in creating class-defining quantum-safe cryptography for today's computing ecosystems.

Intertrust Technologies

Intertrust Technologies

Intertrust Technologies is a software company specializing in trusted computing products and services.

Lirex

Lirex

Lirex offer consulting and outsourcing services, complete design, construction and maintenance of ICT solutions and systems including cybersecurity.

Secure Ideas

Secure Ideas

Secure Ideas is focused on penetration testing and application security including web applications, web services and mobile applications.

Melius Cyber Security

Melius Cyber Security

Melius Cyber Security has developed a world-leading SaaS platform, Cyber Safe Plus, built around continuous assessment and improvement through vulnerability scanning and penetration testing

Abu Dhabi Gov Digital

Abu Dhabi Gov Digital

Gov Digital (formerly Abu Dhabi Digital Authority - ADDA) enable, support and deliver a digital government that is proactive, personalised, collaborative and secure.

eCentre@LindenPointe

eCentre@LindenPointe

The eCenter@LindenPointe provides assistance to the development, management and promotion of STEM (Science, Technology, Engineering, Mathematics) related business ventures.

Open Source Security Foundation (OpenSSF)

Open Source Security Foundation (OpenSSF)

OpenSSF is committed to collaboration and working both upstream and with existing communities to advance open source security for all.

Mercury Systems

Mercury Systems

Mercury Systems is the leader in making trusted, secure mission-critical technologies profoundly more accessible to aerospace and defense.

Barclay Simpson

Barclay Simpson

Barclay Simpson is proud to have a long history of delivering cyber security, technology and governance recruitment services.

Orca Technology

Orca Technology

Orca is a UK-based Managed Service Provider delivering end-to-end managed IT services, support, hosted desktop, cloud solutions and strategic guidance.

DRT Cyber

DRT Cyber

DRT Cyber deploys technology solutions to support the functions of cybersecurity, privacy, and risk management.