New global Dridex campaign via couriers and Cutwail. A fake xlsm invoice, distributed by the botnet, contacts a random link from an internal list and downloads the malware
New global courier-themed Dridex campaign. The bait is an invoice with an xlsm attachment.
The file, if opened, contacts a random link from an internal list and downloads the DLL, which starts the malware infection chain. Moreover, as cybersecurity researcher moto_sato discovered, the malicious documents continue to be distributed by the Cutwail botnet. Dridex is a very dangerous banking Trojan used by cybercriminals, and it has long featured in campaigns all over the world, especially courier-themed ones. The targets are mainly, but not exclusively, companies.
To read the original article: https://www.difesaesicurezza.com/en/defence-and-security/cybercrime-new-dridex-campaign-via-couriers-and-cutwail/