12 February 21, 16:04
Quote:With Valentine’s Day approaching this weekend, several people have received “recent order” email confirmations for flowers or lingerie. These emails are actually part of a spear-phishing attack, which ultimately leads recipients to a malicious document that executes the BazaLoader malware.
The BazaLoader downloader, written in C++, has the primary function of downloading and executing additional modules. BazaLoader was first observed in the wild in April – and since then researchers have observed at least six variants, “signaling active and continued development.”
Recently, researchers found multiple BazaLoader campaigns in January and February, which have relied heavily on human interaction with different sites, PDF attachments and email lures.
“There were a range of lure and subject topics, including compact storage devices, office supplies, pharmaceutical supplies and sports nutrition, but what stuck out were campaigns that were timely and relevant to the upcoming Valentine’s Day holiday,” said researchers with Proofpoint on Thursday. “The campaigns were spread across a diverse set of companies and sectors.”
Read more: https://threatpost.com/valentines-day-ma...ck/163900/