fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Dridex Omicron Phishing Taunts with Funeral Helpline Number

Dridex Omicron Phishing Taunts with Funeral Helpline Number

A malware distributor for the Dridex banking malware has been toying with victims and researchers over the last few weeks. The latest example is a phishing campaign that taunts victims with a COVID-19 funeral assistance helpline number.

Dridex is banking malware distributed through phishing emails containing malicious Word or Excel attachments. When these attachments are opened, and macros are enabled, the malware will be downloaded and installed on the victim’s device.

Once installed, Dridex will attempt to steal online banking credentials, spread to other machines, and potentially provide remote network access for ransomware attacks.

Also Read: 4 Things to Know When Installing CCTVs Legally

COVID-19 Omicron variant used as a lure

Over the past few weeks, one of the Dridex phishing email distributors is having fun toying with victims and researchers.

This was first seen when the threat actor began trolling security researchers by using their names combined with racist comments as malware file names and email addresses.

Earlier this week, the threat actor spammed fake employee termination letters that displayed an alert stating, “Merry X-Mas Dear Employees!”, after infecting their device.

In a new phishing campaign discovered by MalwareHunterTeam and 604Kuzushi, this same threat actor took it to the next level by spamming emails with a subject of “COVID-19 testing result” that states the recipient was exposed to a coworker who tested positive to the Omicron COVID-19 variant.

“This letter is to inform you that you have been exposed to a coworker who tested positive for OMICRON variant of COVID-19 sometime between December 18th and 20th,” reads the new phishing email shown below.

“Please take a look at the details in the attached document.”

Dridex phishing email stating you were exposed to Omicron COVID-19 variant
Dridex phishing email stating you were exposed to Omicron COVID-19 variant

The email includes a password-protected Excel attachment and the password needed to open the document. Once the password is entered, the recipient is shown a blurred COVID-19 document and is prompted to ‘Enable Content’ to view it.

Also Read: 5 Most Frequently Asked Questions About Ransomware

Blurred document lure to convince users to enable macros
Source: BleepingComputer

To add insult to injury, after macros are enabled, and the device becomes infected, the threat actor taunts their victims by displaying an alert containing the phone number for the “COVID-19 Funeral Assistance Helpline.”

A bad joke showing the COVID-19 Funeral Assistance Helpline number
A bad joke showing the COVID-19 Funeral Assistance Helpline number
Source: BleepingComputer

With the COVID-19 variant being highly contagious and rapidly spreading worldwide, phishing emails about the Omicron variant are becoming popular and are likely highly effective in distributing malware.

This is especially true if the phishing campaign pretends to be from a company’s human resources department and targets employees from the same company.

 As Dridex phishing campaigns are currently using password-protected attachments, enterprises need to train their employees to spot and avoid these types of attacks.

As always, if you receive unexpected emails or one that contains unusual attachments, always reach out to your network admin or other people in the workplace to determine if the email is legitimate.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us