Microsoft has discovered a new COVID-19 themed phishing campaign using economic concerns to target businesses with the LokiBot information-stealing Trojan.
In tweets published today by
Microsoft Security Intelligence, Microsoft explains that a recent phishing campaign was detected using COVID-19 lures to spread the LokiBot information-stealing Trojan.
When infected, LokiBot will steal saved login credentials from a variety of browsers, FTP, mail, and terminal programs, and then send them back to the attackers' servers where they can be later retrieved.
Microsoft was able to detect the attack with the help of Microsoft Threat Protection's machine learning algorithms, with all customers running Microsoft Defender being automatically protected.
According to Microsoft, both of the new phishing campaigns utilized COVID-19 lures to trick recipients into opening the malicious attachments. [....]
