Phishing impersonates shipping giant Maersk to push STRRAT malware

[silversurfer]

Content source

https://www.bleepingcomputer.com/news/security/phishing-impersonates-shipping-giant-maersk-to-push-strrat-malware/

A new phishing campaign using fake shipping delivery lures installs the STRRAT remote access trojan on unsuspecting victim's devices.

Fortinet discovered the new campaign after spotting phishing emails impersonating Maersk Shipping, a giant in the global shipping industry, and using seemingly legitimate email addresses.

If the recipient opens the attached document, the macro code that runs fetches the STRRAT malware onto their machine, a powerful remote access trojan that can steal information and even fake ransomware attacks.

“Examining that traffic in Wireshark shows STRRAT being exceptionally noisy. This is likely due to the C2 channel being offline at the time of the investigation,” explains Fortinet’s report

Phishing impersonates shipping giant Maersk to push STRRAT malware

A new phishing campaign using fake shipping delivery lures installs the STRRAT remote access trojan on unsuspecting victim's devices.

www.bleepingcomputer.com

 

[upnorth]

Noted a small uptick with these variants in repositories.