A new phishing scam purports to be MYOB invoices – but really contains a novel banking trojan.
The recently discovered DanaBot banking trojan is making the rounds in a phishing campaign that targets potential victims with fake invoices from software company MYOB.
The emails purport to be invoices from MYOB, an Australian multinational corporation that provides tax, accounting and other business services software for SMBs. In reality, the messages contain a dropper file that downloads the DanaBot banking trojan. Once downloaded, the trojan steals private and sensitive information and sends screenshots of the machine’s system and desktop to the command-and-control server.
“Cybercriminals are targeting victims in Australian companies and infecting them with sophisticated multi-stage, multi-component and stealthy banking trojans like DanaBot to steal their private and sensitive information,” said Trustwave researchers in a post about the campaign, Friday. “In this campaign the attackers sent targeted phishing emails in the form of fake MYOB invoice messages with invoice links pointing to compromised FTP servers hosting the DanaBot malware.”
[...]
DanaBot Trojan Targets Bank Customers In Phishing Scam