This phishing email promises you a bonus – but actually delivers this Windows trojan malware

A new phishing campaign is attempting to lure victims into downloading the latest version of a malware trojan – and it has links to one of the most prolific cyber-criminal operations active in the world today.

The Bazar trojan first emerged last year. A successful deployment can provide cyber criminals with a backdoor into compromised Windows systems, allowing them to control the device and gain additional access to the network in order to collect sensitive information or deliver malware, including ransomware.

Now cybersecurity researchers at Fortinet have identified a new variant of the Bazar trojan, which has been equipped with anti-analysis techniques to make the malware harder for anti-virus software to detect.

These include hiding the malicious APIs in the code and only calling on them when needed, additional code obfuscation, and even encrypting certain strings of the code to make it more difficult to analyse.

The new techniques were added to Bazar towards the end of January and coincided with a phishing campaign designed to distribute the updated version of the malware…

By Danny Palmer | February 15, 2021 — 13:00 GMT (05:00 PST) | Topic: Security