Phishing Campaign Delivers A Double Hitter

A phishing attack is being sent with Word attachments that deliver both the Gandcrab ransomware and Ursnif executable. This phishing campaign was detected by researchers at Carbon Black, this attack has hit infected systems with a lethal attack combination that harvests credentials, gathers system and process information and afterwards it encrypts data in order to extort payments from victims.

Jared Myers, senior threat researcher for Carbon Black stated “The campaign appears to be ongoing, as we are seeing additional payloads being posted on pastebin.com that are almost identical to the payloads that were leveraged to data extracted from our analysis of these samples.”

The Attack

The initial phishing emails included a Microsoft Word document that delivers the early stages of the attack. “The overall attack leverages several different approaches, which are popular techniques amongst red-teamers, espionage-focused adversaries and large-scale criminal campaigns,” said Carbon Black researchers in a Thursday analysis. Read More

Patrick Domingues

See Full Bio

Cyber Attacks

January 26, 2019 Patrick Domingues

Patrick Domingues