A Phishing Attack That Delivers Three Forms Of Malware

Uploaded on 2022-05-25 in NEWS-Cybersecurity News, FREE TO VIEW

A phishing campaign targeting Microsoft Windows users delivers three different forms of malware, all designed to steal sensitive information from victims. 

Cyber security researchers at Fortinet have released information regarding a phishing campaign targeting Microsoft Windows users. The phishing campaign leverages three different forms of malware, all of which are designed to steal sensitive information and credentials from victims. 

The malware types used in the campaign are AveMariaRAT, BitRAT, and PandoraHVNC, a trojan malware. By inserting malicious links into the phishing emails, the attackers are able to harvest usernames, passwords, and bank details entered by the victims.

According to Fortinet, the BitRAT malware is especially dangerous as it possesses the capacity to take full control of infected Windows systems, including access to the camera, audio and crypto mining abilities. 

The initial phishing message is designed to appear as though the target is receiving a payment from a trusted source. The message also requests that the target open an attached Microsoft Excel document. However, Fortinet says that the file contains malicious macros and that Microsoft Excel flags the document as a potential security concern.

Users should be wary of unexpected emails claiming to contain vital information hidden in attachments, particularly if that attachment requires you to enable macros first. If the email claims to come from a college or business associate, you should contact them using a different method than email to verify who sent the email. 

Just as fishing lures used to catch fish have grown more sophisticated, so have techniques used to perpetrate phishing. Increasingly, “phishing” emails do more than just impersonate a bank in the effort to steal consumers’ information. Thieves may send a spam email message, instant message, or pop-up message that infects the consumer’s PC with spyware or ransomware and gives control of it to the thief. 

A spam message may infect your computer when you click a link or picture in the spam message, or when you open an attachment to a spam message. If your PC is poorly secured, it may be infected as soon as you open the spam message itself.

Businesses can also help employees avoid falling victim to phishing emails by using appropriate anti-spam and anti-virus software, as well a training users on how to spot and report phishing emails. 

Fortinet:      Oodaloop:      ZDNet:     US Business Reviews:    Flipboard:      

You Might Also Read: 

Some Apps Come Loaded With Malware:

 

« How To Build A Successful Zero Trust Strategy For Data Analytics Users
Intelligent Solutions: How Innovation Is Helping To Suppress Cyber Attacks »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Rackspace Technology

Rackspace Technology

Rackspace Technology is a leading provider of managed services across all major public and private cloud technologies. Secure your IT environments with powerful cloud security solutions and support.

Security University

Security University

Security University is a leading provider of Qualified Hands-On Cybersecurity Education, Information Assurance Training and Certifications for IT and Security Professionals.

LATRO Services

LATRO Services

LATRO Services is a complete solution provider to discover, locate, and eliminate telecom fraud.

Egnyte

Egnyte

Egnyte delivers secure content collaboration, compliant data protection and simple infrastructure modernization; all through a single SaaS solution.

Leadcomm

Leadcomm

Leadcomm is a Brazilian company focused on the distribution and integration of IT systems and security solutions for large companies.

Innovasec

Innovasec

Innovasec provide information security consulting and training services.

Highland Capital Partners

Highland Capital Partners

Highland Capital Partners is an early stage venture capital firm focused on category-defining businesses in consumer and enterprise technology, including cybersecurity.

Black Hills Information Security (BHIS)

Black Hills Information Security (BHIS)

Black Hills Information Security provide security testing and vulnerability assessment services.

ActiveNav

ActiveNav

ActiveNav provide dark data discovery solutions for compliance and information governance.

689cloud

689cloud

689Cloud is a cloud content collaboration platform that allows users to protect, track, and control files AFTER they have been shared.

WidePoint

WidePoint

WidePoint Corporation is an innovative provider of Trusted Mobility Management (TM2) solutions.

Midwest Cyber Security Alliance (MCSA)

Midwest Cyber Security Alliance (MCSA)

Midwest Cyber Security Alliance is a nonprofit, nonpartisan collaboration of individuals, businesses, government entities, and professionals advocating for more effective cyber security solutions.

Infosys

Infosys

Infosys is a global leader in consulting, technology and outsourcing solutions.. Services include IT strategy, technical architecture and operations including cybersecurity.

Verisign

Verisign

Verisign is a Global Leader in Domain Names & Internet Security, providing protection for websites and enterprises around the world.

Dynamic Networks

Dynamic Networks

Dynamic Networks provide Managed Cloud Services; Unified Communications; Security & Compliance Services and Network & Infrastructure Services for both Public Sector and Private sector businesses.

Tanzania Industrial Research and Development Organization (TIRDO)

Tanzania Industrial Research and Development Organization (TIRDO)

TIRDO is a multi-disciplinary research and development organization.