Account Statement- pineislandweb.com malspam delivers Dridex banking trojan

cyber

The next in the never ending series of malware downloaders is an email with the subject of  Account Statement  coming from Morton  Lintern <Morton.2825@pineislandweb.com> delivers  Dridex banking trojan

I am also seeing other similar subjects including: Outstanding Statement

There will be numerous different versions of this malware coming from random names@pineislandweb.com and very probably a load of other newly created and registered domains sending this banking trojan.

They use email addresses and subjects that will entice, persuade, scare or shock  a recipient to read the email and open the attachment.

This vbs file downloads the Dridex trojan from http://fbl.com.sg/JHG76w23? ( VirusTotal) There will numerous other download sites involved in this malware campaign.

There are 3 sites set as an array in the vbs file. In this example the sites are: fbl.com.sg/JHG76w23?” |  “signlight.com.au/JHG76w23?”  | “pesonamas.co.id/JHG76w23?”. The VBS attempts to contact the first site in the list and moves on through the others until one responds and gives the Dridex Banking Trojan

 

To read the original article:

 

Laisser un commentaire

Next Post

Beware! Undetectable CrossRAT malware targets Windows, MacOS, and Linux systems.

Are you using Linux or Mac OS? If you think your system is not prone to viruses, then you should read this. Wide-range of cybercriminals are now using a new piece of ‘undetectable’ spying malware that targets Windows, macOS, Solaris and Linux systems. Just last week we published a detailed article on […]