New email malware distribution campaign discovered by ESET

2023-05-19 20:17:00

A new malware campaign targeting several countries in Latin America has been discovered. The discovery was made by a team from ESET, whose research showed that the content is distributed through spear phishing emails carrying a zipped attachment that does not require a password.

The aim of this campaign is to infect users with malware that allows attackers to perform various actions on the infected computer. For example, it makes it possible to perform actions such as taking screenshots, stealing passwords and sending data to cybercriminals’ servers. Fernando Tavella is a Malware Researcher at the company and commented:

The informality with which the email is written is quite striking, which may raise some suspicion. On the other hand, it is important to note that the attachment has a double extension, jpg xxe. This should also be interpreted as yet another red flag, as if a company wanted to send an attachment there would be no need to put a double extension as seen in this case. The purpose of all this is to confuse the recipient of the email into believing that it is an image (jpeg) and not an executable (exe).
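A mail-filter check for the double-extension red flag described above, run over the member names of a ZIP attachment. This is an added example, not code from ESET or from the original article; the extension lists, function names and the sample archive are assumptions constructed for illustration.

```python
import io
import zipfile

# Assumed, non-exhaustive lists; tune them to your mail gateway's policy.
EXECUTABLE_EXTS = {"exe", "scr", "com", "pif", "bat", "cmd", "js", "vbs", "lnk"}
DECOY_EXTS = {"jpg", "jpeg", "png", "gif", "pdf", "doc", "docx", "xls", "xlsx", "txt"}


def double_extension(name):
    """Return (decoy, real) when an executable name carries a decoy extension, else None."""
    base = name.replace("\\", "/").rsplit("/", 1)[-1]
    # Win32 drops trailing dots/spaces; padding spaces may also sit between the extensions.
    parts = [p.strip().lower() for p in base.rstrip(". ").split(".")]
    if len(parts) < 3 or parts[-1] not in EXECUTABLE_EXTS:
        return None
    for ext in parts[1:-1]:
        if ext in DECOY_EXTS:
            return ext, parts[-1]
    return None


def scan_zip_attachment(data):
    """List archive members whose names use a deceptive double extension."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            hit = None if info.is_dir() else double_extension(info.filename)
            if hit:
                findings.append({
                    "member": info.filename,
                    "decoy": hit[0],
                    "real": hit[1],
                    # Bit 0 of the general-purpose flags marks a password-protected entry.
                    "encrypted": bool(info.flag_bits & 0x1),
                })
    return findings


def build_sample_zip():
    """Constructed sample attachment: harmless placeholder bytes under test names."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name in ("factura.jpg.exe", "notes.txt", "photos/holiday.jpeg",
                     "archive.tar.gz", "report.pdf   .scr"):
            zf.writestr(name, b"placeholder")
    return buf.getvalue()


if __name__ == "__main__":
    for finding in scan_zip_attachment(build_sample_zip()):
        print(finding)
```

Only names whose final extension is executable and that also contain a decoy extension are reported, so ordinary multi-part names such as `archive.tar.gz` pass.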

Brazil is one of the countries that need to be aware of this type of campaign. After all, ESET itself went so far as to state that the nation is one of the countries that suffer the most from trojan attacks and banking malware. For now, Mexico is where the campaign was most concentrated with the highest rate of scam activity, with 45% of detections.

Other nations include Peru (15%), Colombia (14%), Ecuador (12%) and Chile (5%). ESET claimed that companies from sectors such as agriculture and health were targets of attacks, even though the profile selected by cybercriminals is very broad. Finally, also check out the details of a malware sold on Telegram that can access cell phone resources in our latest Detective TC.
