
Malware Downloader Tool Dofoil Most Used in Scam Emails in September

Hackers often use spam messages as a malware distribution channel. The malicious files are usually delivered to the user as attachments or as links to a download location. Researchers report that most of the scam emails sent in September were using a malware downloader tool dubbed Dofoil.

Members of the Kaspersky research team point out that, compared to previous months, fewer spam messages were sent in September. That seems like good news but, unfortunately, the difference is only 0.7%.

Phishing and Droppers Most Popular Among the Threats in September

The Dofoil dropper was used in 3.08% of the malicious emails. The tool is used to enter the targeted system and execute other malware types. According to Microsoft research, the dropper injects code into “svchost.exe”, which is used to establish a connection to a C&C (command and control) server to receive encrypted configuration data. The obtained information is then unpacked and executed on the affected computer.

Two other versions of Dofoil have also been among the most delivered malware pieces in September. A phishing attempt, identified as Trojan-Spy.HTML.Fraud.gen by Kaspersky, was ranked second in the Top Ten list for September. The campaign used emails that claimed to be from commercial banks and asked the victims to log in to their accounts using a link conveniently provided in the message.

A large number of the infections were detected in the UK, Germany and the US. Russia was ranked thirteenth.

Ebola-Themed Malware Campaigns

12.12% of the spam sources worldwide are located in the US, followed by Vietnam with 9.27% and Russia with 5.75%.

A large number of the scam messages in September focused on hiring and firing. Many Ebola-themed campaigns have also been launched. In the so-called Nigerian “advance-fee” scam, for example, the victim is asked to send a certain amount of money to the crooks, supposedly to enable access to a fortune facing imminent expiration due to Ebola.

Other scam emails in the UK claimed to be sent from the WHO and contained an invitation to a conference. The victim is offered a large payment and a vehicle to work as a representative of the organization. Naturally, personal data is required.


Berta Bilbao

Berta is a dedicated malware researcher, dreaming of a more secure cyberspace. Her fascination with IT security began a few years ago, when malware locked her out of her own computer.
