An spam-based phishing campaign recently targeted North American banking customers with malicious Excel documents designed to infect victims with a new variant of the information-stealing TrickBot banking trojan, researchers reported earlier this week. The scam dates back to at least Jan. 27 and peaked in volume on Jan. 30, according a new blog post from…
Subscribers to a Tibetan Government-in-Exile mailing list were targeted in a recent email-based phishing campaign designed to infect them with a remote access trojan. Dubbed ExileRAT, the trojan is capable of gathering system information, retrieving and pushing files, and executing and ending various processes, according to a blog post from Cisco Systems’ Talos division, whose…
Delaware’s Department of Insurance announced yesterday that 650 residents and five companies located within the state were impacted by a 2018 data breach of BenefitMall, a third-party HR services administrator for health insurance companies. It was originally back on Jan. 4, 2019, that BenefitMall, aka Centerstone Insurance and Financial Services, publicly disclosed a “data security…
Attackers this month have revived an email phishing operation that targets Russian speakers with Shade ransomware served via malicious JavaScript attachments. The scam first emerged in a campaign that began in mid-October of last year, before dying down over the holiday period. But January ushered in a more intense second phase that doubled the previous…
An ongoing email phishing campaign designed to spread Redaman banking malware aggressively targeted Russian-speakers, especially those with .ru addresses, over the last four months of 2018. Researchers at Palo Alto Networks’ Unit 42 division reported this week in a company blog post that from September through December, its threat intelligence service detected 3,845 email sessions…
In an apparent first, researchers last year observed an unusual phishing kit that obfuscates its landing page’s source code with web fonts as a means to avoid detection. Attackers recently used the kit as part of a credential harvesting scheme that targeted a major retail bank, researchers from Proofpoint revealed in a Jan. 3 blog…
A clever phishing attack targeting Electrum Bitcoin wallets has resulted in the theft of more than $750,000 worth of cryptocurrency at the time of writing. Electrum is a popular Bitcoin wallet which doesn’t require users to download the full blockchain and instead uses servers to remotely provide users with blockchain accessed through their wallet. A…
There’s no question about it: the “Three Questions Quiz” is a scam, regardless of which legitimate brand it’s attempting to imitate. Indeed, a new blog post from Akamai Technologies identifies 78 unique brands impersonated over the past year by this well-established online phishing scheme, in which victims are tricked into giving away personal information to…
Researchers at Proofpoint have uncovered a sophisticated tool commonly used by malicious actors to build weaponized documents for phishing campaigns. Dubbed LCG Kit, the service has helped small crime groups create docs capable of spreading a variety of remote access trojans and information stealers, such as Loki Bot, FormBook, Agent Tesla, Remcos, AZORult, REvcode RAT and…
Hackers believed to be associated with Charming Kitty has ramped up their activities with a phishing campaign against American officials charged with enforcing economic sanctions imposed on Iran by President Trump. Citing research from Certfa, which discovered an open server listing Gmail and Yahoo email addresses in the hackers’ sights, AP said that the Iranian hacking group…
