BLOG CERT SOGETI ESEC

Briefing Malware - 22/02/2022

22nd of February 2022 - Winners of the 8th week: Redline, NjRAT and Formbook.

Some links point to extended actionable intelligence (Threat Bulletins, TTPs, signatures, etc.) on our Threat Intelligence Platform, Anomali. This access is limited to our clients.

 

Threat statistics report

Publication date: 22/02/2022

Distribution: TLP:WHITE

What's new?

Formbook (NC)

Cybercrime, “Payment Advice for Outstanding Invoices” conveys Formbook

A new malware campaign that delivers the #Formbook malware has been spotted by #difesaesicurezza researcher Francesco Bussoletti.

The #phishing campaign, named “Payment Advice for Outstanding Invoices”, tries to lure the potential victim with the promise that a large amount of money has been transferred to their account. The “#GZ” file presented as a receipt of the transfer contains an executable carrying the malware.

Formbook is a Malware-as-a-Service (#MaaS), active since 2016, dedicated to stealing personal information from victims, such as #credentials or #credit cards saved in the web browser, as well as #keystrokes or #screenshots of the desktop. They can also perform actions from Command and Control (#C2) servers and collect that information through #ftp.

https://www.difesaesicurezza.com/en/defence-and-security/cybercrime-payment-advice-for-outstanding-invoices-conveys-formbook/
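
A mail-gateway triage check for the delivery pattern described above (a “GZ” attachment that contains an executable), as an added example that is not from this briefing or the cited article. The function names and the sample bytes are constructed for illustration; the check relies only on the gzip header layout and the Windows PE header.

```python
import gzip, io, struct, zlib
from typing import Optional

GZIP_MAGIC = b"\x1f\x8b"

def gzip_original_name(data: bytes) -> Optional[str]:
    """Return the original file name stored in the gzip FNAME header field."""
    if len(data) < 10 or data[:2] != GZIP_MAGIC:
        return None
    flags, pos = data[3], 10
    if flags & 0x04:                      # FEXTRA set: skip the extra field
        if len(data) < pos + 2:
            return None
        pos += 2 + struct.unpack_from("<H", data, pos)[0]
    if not flags & 0x08:                  # FNAME not set
        return None
    end = data.find(b"\x00", pos)
    return data[pos:end].decode("latin-1") if end != -1 else None

def is_pe(payload: bytes) -> bool:
    """True if payload starts with MZ and e_lfanew points at a PE signature."""
    if len(payload) < 0x40 or payload[:2] != b"MZ":
        return False
    e_lfanew = struct.unpack_from("<I", payload, 0x3C)[0]
    return payload[e_lfanew:e_lfanew + 4] == b"PE\x00\x00"

def triage_gz_attachment(data: bytes, max_bytes: int = 1 << 20) -> dict:
    """Report whether an attachment is gzip, the name it carries, and if it holds a PE."""
    if data[:2] != GZIP_MAGIC:
        return {"gzip": False, "name": None, "pe": False}
    try:
        with gzip.GzipFile(fileobj=io.BytesIO(data)) as gz:
            head = gz.read(max_bytes)     # bounded read: never inflate the whole stream
    except (OSError, EOFError, zlib.error):
        head = b""                        # corrupt or truncated stream
    return {"gzip": True, "name": gzip_original_name(data), "pe": is_pe(head)}

def constructed_sample(payload: bytes, name: str) -> bytes:
    """Build a gzip attachment in memory (constructed test data, not a real sample)."""
    buf = io.BytesIO()
    with gzip.GzipFile(filename=name, mode="wb", fileobj=buf, mtime=0) as gz:
        gz.write(payload)
    return buf.getvalue()

# Constructed inert PE stub: MZ header, e_lfanew = 0x40, then the PE signature.
PE_STUB = b"MZ" + b"\x00" * 0x3A + struct.pack("<I", 0x40) + b"PE\x00\x00"

if __name__ == "__main__":
    print(triage_gz_attachment(constructed_sample(PE_STUB, "receipt.exe")))
```

A result with `gzip` and `pe` both true is a reason to quarantine the message regardless of the attachment's displayed name or extension.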

 
