Cofense in ZDNet

By Charlie Osborne

July 16, 2019

The Dridex banking Trojan is being deployed in a new phishing campaign which combines the malware with a remote access tool for the purpose of credential and information theft.

Researchers from Cofense said this week that the new campaign is impersonating eFax, a modern, cloud-based variant of the traditional fax machine which is used by businesses to receive faxes across email and mobile devices.

The phishing emails crafted for this wave of attacks include an attached .ZIP archive which contains an .XLS Microsoft Excel spreadsheet.

The spreadsheet is malicious as it contains an Office macro which, should a victim enable when prompted, will download and execute both Dridex and the Remote Manipulator System Remote Access Tool (RMS RAT). …

Full story

  • Share This Story, Choose Your Platform!