February 25, 2021

TerabitWeb Blog

Fascinating Technology and Security Information

The World Health Organization name weaponized to lure phishing victims

2 min read

Original Post from SC Magazine
Author: Doug Olenick

The World
Health Organization (WHO) is among the premiere sources of up to date and
accurate information on COVID-19 so it is now surprise cybercriminals are
leveraging this for their benefit.

Malwarebytes has found a new phishing campaign using the well-respected WHO name as a lure to trick people who are rightfully fearful of Coronvavirus into downloading a fake e-book that carries an infostealer. The e-book, named My-Health, is advertised to contain information to protect children and business from the virus.

The body of
the email is visually compelling but does contain clues that it is not
legitimate. The typos include incorrectly hyphenating the name as Corona-virus,
along with several odd uses of capital letters and some poor grammar.

The recipient
is expected to download the fake e-book from the attached zip file. However, it
only contains GuLoader, which upon being download itself brings in the infostealing
trojan FormBook.

“Formbook is
one of the most popular info-stealers, thanks to its simplicity and its wide
range of capabilities, including swiping content from the Windows clipboard,
keylogging, and stealing browser data. Stolen data is sent back to a command
and control server maintained by the threat actors,” Malwarebytes reported.

Researchers
point out that with many millions of people now working from home, possibly
using unsecure systems, any malware downloaded can easily end up inside their
company’s network.

The post The World Health Organization name weaponized to lure phishing victims appeared first on SC Media.


Go to Source
Author: Doug Olenick

Copyright © All rights reserved. | Newsphere by AF themes.