Japanese users were flooded with BEBLOH and URSNIF malware infections last month via spam campaigns that exploited internet query (IQY) files.
Much like traditional approaches to social engineering, the cybercriminals behind the attacks attempted to fool users with a variety of calls to open an email attachment, Trend Micro reported in late August. This included requests such as “please confirm,” “photos attached” and even “payment.” According to the researchers, the spam campaigns, which began on Aug. 6 and appeared to die down as of Aug. 10, involved an estimated 500,000 messages.
While
URSNIF is best known for monitoring browser sessions and stealing data, BEBLOH is a banking Trojan that has been active in Japan since 2016.