Cyber Criminals now distributing new dubbed Muncy malware as a EXE file format via DHL phishing campaigns to target the users around the world.
DHL phishing is one of the widely distributing campaigns that delivers that various sophisticated malware in recent past via malspam emails.
Threat actors are leveraging the poorly configured SMTP servers and email spoofing techniques to distributing the DHL phishing campaign that looks like a legitimate one.
DHL is a globally well-known and trusted logistics company that providing
international courier, parcel, and express mail services and the reputation abused by cybercriminals in order to deliver the powerful malware.
Malicious actors using Email spoofing technique in currently distributed phishing email campaign where the email pretending that it comes from DHL express.
Distributed malspam Email contained a malicious attachment that posed as PDF and the extracted files format is .exe.
Initial wave observed was on February 12th, 2019 by Segurança Informática (SI) Lab and the further analysis revealed that SMTP servers with bad configurations are a majestic vector to spread malicious campaigns.
Also, the body of the email tricked with embedded PNG image instead of the plain-text message that attached to the following local path in the system C:/Users/Administrator/Desktop/DHL.png .
Once the victim open the attachment, it drops the Muncy trojan file on the system and the malware is completely packed.
Later its starts the initial execution process that unpacked to the PE File .data section and scans the entire C:\ drive in order to find the sensitive files.
“The phishing campaign is trying to impersonate DHL shipment notification and the malware is attached in the email”, Founder and Pentester at CSIRT.UBI, Pedro Tavares who discovered this malware told to GBHackers via email.
“This malware is on the rise and is affecting user’s in-the-wild while stealing sensitive information from their devices.”
The giant DHL has already been informed about the phishing campaign but has not yet issued any public statement. researcher said.
7eb38ece89e903d298d7cf03b3aec69d
4df6d097671e0f12b74e8db080b66519
Google Launches phishingquiz To Test That you Can Identify Phishing Emails
Phishing Email Scams Target American Express Card Users To Steal Sensitive Information
The LightSpy threat actor exploited publicly available vulnerabilities and jailbreak kits to compromise iOS devices.…
White House National Cyber Director, CEOs, Key Financial Services Companies, Congressional and Executive Branch Experts…
Cybersecurity experts have identified a new Remote Access Trojan (RAT) named PySilon. This Trojan exploits…
The notorious Konni Advanced Persistent Threat (APT) group has intensified its cyber assault on organizations…
Google has updated its Chrome browser, addressing critical vulnerabilities that posed potential risks to millions…
WrnRAT is a new malware attack that cybercriminals have deployed by using popular gambling games…