/>
X

Stratfor subscribers targeted by passwords-stealing malicious emails

Cybercriminals are quick to capitalize on the Stratfor database leak, and are currently spamvertising malicious emails impersonating the company.
Written by Dancho Danchev, Contributor on

Cybercriminals are quick to capitalize on the Stratfor database leak, and are currently spamvertising malicious emails impersonating the company.

Researchers from Barracuda Labs have intercepted a malicious email campaign impersonating the company. Using  “Stratfor: Beware of false communications” subjects, the emails contain a PDF file enticing end and corporate users into downloading an antivirus package (supposedly McAfee).

Detected as PWS-Zbot.gen.ry, the bogus antivirus package will harvest stored passwords from the infected hosts and send them back to the command and control server. Moreover, the malware will scan the local hard drive for .PDF, .XLS and .DOC files, and will upload them to a remote site, relying on the File Transfer Protocol (FTP).

Users are advised to avoid interacting with the emails, and immediately report them as spam/malicious.

Related

This is the ultimate security key. Here's why you need one
Yubikey 5C NFC

This is the ultimate security key. Here's why you need one

Security
Azure's capacity limitations are continuing. What can customers do?
azurecapacitylimits

Azure's capacity limitations are continuing. What can customers do?

Cloud
He flew American Airlines, she flew United. For both, the unthinkable happened
screen-shot-2022-06-30-at-10-14-36-am.png

He flew American Airlines, she flew United. For both, the unthinkable happened

Business