X-Force identified a phishing campaign that has targeted Latin American users since March 2024. The emails impersonate legitimate entities such as tax and utility services and urge recipients to click links for invoices or account statements. Clicking the link redirects users in specific countries to a fake PDF icon while a malicious ZIP archive is downloaded; the archive contains an executable disguised as a PDF. The lure leverages urgency and exploits trust in official institutions to trick users into compromising their systems.

[Figure: Sample emails impersonating SAT and CFE]

For the first time, the phishing campaign targets users outside Latin America. The emails impersonate tax authorities like the South African Revenue Service (SARS) and leverage familiar tactics used in past Grandoreiro campaigns in Latin America.
Source: GBHackers