silversurfer
A new downloader was disclosed today, sporting significant anti-analysis features and increasingly sophisticated distribution techniques.
Researchers at Proofpoint have been tracking the downloader as a first-stage payload in campaigns since May 2018. Dubbed AdvisorsBot (due to early command-and-control domains, all containing the word “advisors”), it has been targeting hotels, restaurants and telecom-sector victims.
“A majority of the targets were located in the United States, but we’ve observed this threat globally,” Chris Dawson, threat intelligence lead at Proofpoint, told Threatpost. “To date, the campaigns have targeted thousands of recipients.”
The research team said in a post Thursday that the campaigns use several themes in their email lures, including a “grievance” gambit.