Malware News Spam Campaigns Using IQY Files Infect Japanese Users With BEBLOH and URSNIF Malware

LASER_oneXM

Level 37
Thread author
Verified
Top Poster
Well-known
Feb 4, 2016
2,520
Japanese users were flooded with BEBLOH and URSNIF malware infections last month via spam campaigns that exploited internet query (IQY) files.
Much like traditional approaches to social engineering, the cybercriminals behind the attacks attempted to fool users with a variety of calls to open an email attachment, Trend Micro reported in late August. This included requests such as “please confirm,” “photos attached” and even “payment.” According to the researchers, the spam campaigns, which began on Aug. 6 and appeared to die down as of Aug. 10, involved an estimated 500,000 messages.

While URSNIF is best known for monitoring browser sessions and stealing data, BEBLOH is a banking Trojan that has been active in Japan since 2016.
IQY files are not necessarily complex, and that’s the point. Security researchers said the basic composition of IQY files makes it easier for cybercriminals to avoid detection by more traditional, structure-based ways of uncovering security threats.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top