New Threat Actor Impersonates Govt Agencies to Deliver Malware

[correlate]

Level 18
Thread author
Top Poster
Well-known
May 4, 2019
801
A new threat actor is using email to impersonate government agencies in the United States, Germany, and Italy to deliver ransomware, backdoors, and banking Trojans through malicious attachments.
Since the end of October, Proofpoint researchers detected a new threat actor who has been impersonating the United States Postal Service, the German Federal Ministry of Finance, and the Italian Revenue Agency in malicious spam campaigns that deliver a variety of malware.
"Between October 16 and November 12, 2019, Proofpoint researchers observed the actor sending malicious email messages to organizations in Germany, Italy, and the United States, targeting no particular vertical but with recipients that were heavily weighted towards business and IT services, manufacturing, and healthcare," Proofpoint stated in a report published today.
 

Burrito

Level 24
Verified
Top Poster
Well-known
May 16, 2018
1,363
Yeah, I got one of those from the "Postal Service."

I should have taken a screen shot and posted it here --- as it was really well done.

It was a little different than the one pictured in the article.

They used an email address that was pretty well disguised... and the content used official USPS symbols and formats.
 

[correlate]

> Yeah, I got one of those from the "Postal Service."
>
> I should have taken a screen shot and posted it here --- as it was really well done.
>
> It was a little different than the one pictured in the article.
>
> They used an email address that was pretty well disguised... and the content used official USPS symbols and formats.

Do you still keep a sample of it for the benefit of all?
- You seem witty since you managed to distinguish proper mail from fake.
 

Burrito

> Do you still keep a sample of it for the benefit of all?
> - You seem witty since you managed to distinguish proper mail from fake.

I should have kept a copy of it. Since I got it at work, there is a protocol which includes rapid characterization and then deletion.

I didn't think about making a copy..

But I will next time.
 
