A Phishing Attack That Delivers Three Forms Of Malware

A phishing campaign targeting Microsoft Windows users delivers three different forms of malware, all designed to steal sensitive information from victims. 

Cyber security researchers at Fortinet have released information regarding a phishing campaign targeting Microsoft Windows users. The phishing campaign leverages three different forms of malware, all of which are designed to steal sensitive information and credentials from victims. 

The malware types used in the campaign are AveMariaRAT, BitRAT, and PandoraHVNC, a trojan malware. By inserting malicious links into the phishing emails, the attackers are able to harvest usernames, passwords, and bank details entered by the victims.

According to Fortinet, the BitRAT malware is especially dangerous because it can take full control of infected Windows systems, including access to the camera and audio, as well as crypto mining abilities.

The initial phishing message is designed to appear as though the target is receiving a payment from a trusted source. The message also requests that the target open an attached Microsoft Excel document. However, Fortinet says that the file contains malicious macros and that Microsoft Excel flags the document as a potential security concern.

Users should be wary of unexpected emails claiming to contain vital information hidden in attachments, particularly if the attachment requires macros to be enabled first. If the email claims to come from a colleague or business associate, contact them using a method other than email to verify who sent it.
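A mail gateway or triage script can apply the same caution to attachments automatically. The Python sketch below is an added example, not code from Fortinet or the original article: it flags Excel attachments that carry a VBA project by inspecting their content rather than trusting the file extension. The function names, reason strings and sample message are constructed for illustration.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

OLE_MAGIC = bytes.fromhex("d0cf11e0a1b11ae1")  # legacy .xls/.xla container

def has_vba_part(data: bytes) -> bool:
    """True if the bytes are an OOXML (zip) workbook holding a VBA project."""
    if not zipfile.is_zipfile(io.BytesIO(data)):
        return False
    with zipfile.ZipFile(io.BytesIO(data)) as z:
        return any(n.lower().endswith("vbaproject.bin") for n in z.namelist())

def triage(raw_message: bytes) -> list:
    """Return (filename, reason) for each attachment that may carry macros."""
    msg = message_from_bytes(raw_message, policy=policy.default)
    findings = []
    for part in msg.iter_attachments():
        name = part.get_filename() or "(unnamed)"
        data = part.get_payload(decode=True) or b""
        if has_vba_part(data):  # judged by content, not by file extension
            findings.append((name, "ooxml-with-vba"))
        elif data.startswith(OLE_MAGIC):
            findings.append((name, "legacy-ole-scan-for-macros"))
    return findings

def make_workbook(with_macro: bool) -> bytes:
    """Constructed stand-in for a workbook; the VBA part is placeholder bytes."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("xl/workbook.xml", "<workbook/>")
        if with_macro:
            z.writestr("xl/vbaProject.bin", b"placeholder, not real VBA")
    return buf.getvalue()

def make_message(filename: str, payload: bytes) -> bytes:
    """Constructed payment-themed message with one attachment."""
    m = EmailMessage()
    m["From"], m["To"] = "accounts@example.com", "user@example.com"
    m["Subject"] = "Payment advice"
    m.set_content("Please open the attached report.")
    m.add_attachment(payload, maintype="application",
                     subtype="octet-stream", filename=filename)
    return m.as_bytes()

if __name__ == "__main__":
    print(triage(make_message("payment.xlsx", make_workbook(True))))
```

Legacy OLE workbooks are only flagged for deeper scanning here, since confirming macros inside them needs a dedicated OLE parser.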

Just as fishing lures used to catch fish have grown more sophisticated, so have techniques used to perpetrate phishing. Increasingly, “phishing” emails do more than just impersonate a bank in the effort to steal consumers’ information. Thieves may send a spam email message, instant message, or pop-up message that infects the consumer’s PC with spyware or ransomware and gives control of it to the thief. 

A spam message may infect your computer when you click a link or picture in the spam message, or when you open an attachment to a spam message. If your PC is poorly secured, it may be infected as soon as you open the spam message itself.

Businesses can also help employees avoid falling victim to phishing emails by using appropriate anti-spam and anti-virus software, as well as training users on how to spot and report phishing emails.

Sources: Fortinet, Oodaloop, ZDNet, US Business Reviews, Flipboard
