FortiGuard Labs cybersecurity experts have discovered a sophisticated email phishing scheme that uses fraudulent hotel reservations to target unsuspecting victims.
The phishing campaign involves the deployment of an infected PDF file, which sets off a chain of actions that culminates in the activation of the MrAnon Stealer malware.
The attackers, as initially reported by Hackread, conceal themselves as a hotel reservation company rather than depending on complicated technical means. They send phishing emails with the subject “December Room Availability Query,” which contain fake holiday season booking details. A downloader link included within the malicious PDF file initiates the phishing attempt.
Following an investigation, FortiGuard Labs experts discovered a multi-stage process involving.NET executable files, PowerShell scripts, and fraudulent Windows Form presentations. The attackers expertly navigate through these steps, using techniques such as fake error messages to mask the successful execution of the MrAnon Stealer malware.
The MrAnon Stealer runs in the background, emplo
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: