Threat actors are using people’s interest in the Department of Labor’s Family and Medical Leave Act (FMLA) to spread what appears to be the TrickBot trojan in a new spam campaign that security researchers discovered recently.
Recent analysis from spam honeypots set by IBM X-Force discovered actors targeting email recipients with fake messages that claim to be from the department to inform people of changes to the FMLA, which gives employees the right to family-leave medical benefits, according to a
post by IBM security analyst Ashkan Via. Instead, the emails include malicious attachments aimed at installing what researchers believe is the TrickBot malware, they said.
“Users infected with the TrickBot Trojan will see their device become part of a botnet that can allow attackers to gain complete control of the device,” Via, along with IBM X-Force co-authors David Bryant and Limor Kessem, wrote in the post. “Typical consequences of TrickBot infections are bank account takeover, high-value wire fraud, and possibly ransomware attacks targeting organizational networks.
![[correlate]](/data/avatars/s/79/79653.jpg?1556985072){kind=avatar}
