Lazarus Hacking Group back with new phishing campaign targeting banks and bitcoin users

The North Korean Lazarus hacking group, suspected to be behind the WannaCry ransomware attack last year, has returned with a new crime spree, this time targeting financial institutions and bitcoin users with phishing emails that pose as messages from job recruiters.

The campaign was discovered by McAfee Advanced Threat Research (ATR) analysts and dubbed “HaoBao”. McAfee described it as an “aggressive Bitcoin-stealing phishing campaign” that uses “sophisticated malware with long-term impact.”

While the form of attack seems nothing new, the two-stage attack malware has surprised researchers.

“This campaign deploys a one-time data gathering implant that relies upon downloading a second stage to gain persistence,” said McAfee analyst Ryan Sherstobitoff. “The implants contain a hardcoded ‘haobao’ that is used as a switch when executing from the Visual Basic macro.”

It works by sending malicious documents as attachments to unsuspecting targets. When a target opens the document, they unknowingly allow the malware to scan for Bitcoin activity; if the scan is successful, it establishes an implant for long-term data gathering.
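One way a defender could hunt for the behaviour quoted above, as an added example that is not from McAfee or the original article: it flags process-creation events in which an Office application starts a child process with the hardcoded word as a whole argument. The event fields, hosts and paths are constructed, and treating the switch as a command-line argument is an assumption.

```python
import re

SWITCH = "haobao"  # hardcoded word quoted in the article
OFFICE_PARENTS = {"winword.exe", "excel.exe", "powerpnt.exe"}

# Constructed process-creation events; field names, hosts and paths are made up.
SAMPLE_EVENTS = [
    {"host": "ws-01", "parent": r"C:\Program Files\Microsoft Office\WINWORD.EXE",
     "cmdline": r'"C:\Users\u1\AppData\Local\Temp\sample_implant.exe" haobao'},
    {"host": "ws-02", "parent": r"C:\Windows\explorer.exe",
     "cmdline": r"notepad.exe C:\docs\haobao_notes.txt"},
    {"host": "ws-03", "parent": r"C:\Program Files\Microsoft Office\EXCEL.EXE",
     "cmdline": r"cmd.exe /c type report_haobao.csv"},
    {"host": "ws-04", "parent": r"C:\Program Files\Microsoft Office\WINWORD.EXE",
     "cmdline": r"C:\Windows\splwow64.exe 8192"},
    {"host": "ws-05", "parent": r"c:\program files\microsoft office\winword.exe",
     "cmdline": r"C:\Temp\sample2.exe /HAOBAO"},
]


def basename(path):
    """Lower-cased file name of a Windows or POSIX style path."""
    return re.split(r"[\\/]", path.strip('"'))[-1].lower()


def arguments(cmdline):
    """Split a command line into arguments, keeping quoted strings whole."""
    tokens = re.findall(r'"[^"]*"|\S+', cmdline)
    return [t.strip('"') for t in tokens[1:]]  # drop the executable itself


def has_switch(cmdline):
    """True when the switch word is a whole argument, not part of a path or name."""
    # Assumption: the switch is passed on the command line, optionally with - or /.
    return any(a.lstrip("-/").lower() == SWITCH for a in arguments(cmdline))


def find_switch_launches(events):
    """Return events where an Office application started a child with the switch."""
    return [e for e in events
            if basename(e["parent"]) in OFFICE_PARENTS and has_switch(e["cmdline"])]


if __name__ == "__main__":
    for hit in find_switch_launches(SAMPLE_EVENTS):
        print(hit["host"], hit["cmdline"])
```

Matching the word as a whole argument keeps file names that merely contain it (the ws-02 and ws-03 events) from raising alerts.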

According to the firm, McAfee ATR first discovered the malware on January 15th, when they spotted a malicious document passed off as a job recruitment for a Business Development Executive at a multi-national bank based in Hong Kong. More detail is available in a blog post by McAfee.

Do your users know what to do when they receive a suspicious email?

Should they call the help desk, or forward it? Should they forward to IT including all headers? Delete and not report it, forfeiting a possible early warning?


KnowBe4’s Phish Alert button now also works for Gmail users with G Suite using Chrome. This gives your users a safe way to forward email threats to the security team for analysis and deletes the email from the user’s inbox to prevent future exposure. All with just one click!

 Best of all, there is no charge!

  • Reinforces your organization’s security culture
  • Incident Response gets early phishing alerts from users, creating a network of “sensors”
  • Email is deleted from the user’s inbox to prevent future exposure
  • Easy deployment via MSI file for Outlook, G Suite deployment for Gmail (Chrome)
  • Supports: Outlook 2007, 2010, 2013, 2016 & Outlook for Office 365, Exchange 2013 & 2016, Chrome 54 and later (Linux, OS X and Windows)

This is a great way to better manage the problem of social engineering. Compliments of KnowBe4!


If you do not like to click on buttons with redirects, here is a link you can cut and paste into your browser:
