Kaspersky warned: the new Loki Bot campaign targets corporate e-mail
Security experts from Kaspersky Labs recently warned that they had discovered a new junk e-mail campaign. In this activity, the attacker tried to use the variable malware Loki Bot to target users of the target corporate email.
According to security experts, the event began in early July. So far, all spam emails that have been discovered have an attachment to the .ios extension, which contains malware detected as “Loki Bot.” The primary goal of the malware is to steal passwords from browsers, chat software, email and FTP clients, and cryptocurrency wallets and send them to attackers.
The ISO file is an image file of the CD. Using the burning software, you can directly burn the ISO file into an installable system CD. In general, very few attackers use this file to spread malware, but it can indeed be used as an attack vector.
As for the emails distributed during this event, they cover a wide variety of topics. Kaspersky Lab’s security experts divide them into the following categories:
1) False notices from well-known companies
Disguising email as a notification from a well-known company is one of the most popular techniques in hacking. Interestingly, such emails used to target ordinary users or corporate customers in the past, and now more and more companies have become targets.
2) Financially related false notifications
The attacker masquerades the malicious file as a financial document for delivery: invoices, transfers, payments, and so on. This is also a relatively popular malicious spam email technology. The body of an email often has only a few lines of text, mainly to remind recipients to pay attention to email attachments.
3) False orders or offers
An attacker would typically pretend to be the buyer of a target enterprise good or service or a supplier that provides goods or services.
Kaspersky Lab’s security experts say they see an increase in the number of spam email attacks against the corporate sector every year. Attackers attempt to steal confidential information about targeted businesses, such as intellectual property, authentication data, databases, and bank accounts, through phishing and malicious spam emails, including fake business emails.
This is why many security experts emphasise the reasons why companies must strengthen their network security measures, including the protection of their network systems and the training of employees because employees’ behaviour is likely to bring irreparable damage to the business.
Source, Image: securelist