Tag: malspam

CrowdStrike Intelligence uncovered a phishing campaign impersonating CrowdStrike and distributing malicious files containing a Microsoft Installer (MSI) loader. The loader executes the commodity stealer 'Lumma Stealer' packed with 'CypherIt'. This campaign is likely linked to a previous 'Lumma Stea…

This analysis delves into a recent surge of malicious email campaigns by the DarkGate threat actor, employing novel tactics to distribute malware. These campaigns leverage a technique called 'Remote Template Injection' to bypass security controls and deceive recipients into executing malicious code…

A recent report describes a malspam campaign distributing malware payloads in attachments with TXZ file extensions. The attachments were RAR archives with renamed extensions, likely attempting to exploit native TXZ support in Windows 11. Two campaigns distributed the payloads, one with GuLoader mal…

In late April 2024, Proofpoint observed high-volume email campaigns facilitated by the Phorpiex botnet, distributing millions of messages with attachments leading to LockBit Black ransomware infections. The messages appeared to originate from 'Jenny Green' and contained ZIP attachments with executa…