Dridex Lures Employees To Open Malicious Docs Via Fake Emails

Share post:

Dridex, banking malware is currently being used to deceive employees into clicking on malicious Excel documents.

The malicious documents were sent to employees via fake employee termination emails.

These emails use the subject line “Employee Termination.” The content informs recipients that their employment will end on December 24th, 2021.

The email pointed out that “this decision is not reversible.” Embedded in the email is an attached Excel password-protected spreadsheet named ‘TermLetter.xls.”

As soon as an employee opens the Excel spreadsheet and enters the password, a blurry “Personnel Action Form” appears, asking them to “Enable Content” to display it properly.

Once activated, the victims receive a “Merry X-Mas Dear Employees!” pop-up message. Unknown to the victims, a malicious HTA file was stored in the C:\ ProgramData folder during the process. HTA contains a malicious VBScript that downloads Dridex from Discord to infect the device.

In order to mitigate this type of attack, users who receive such emails are advised to contact their human resources department or employees before opening the email.

For more information, read the original story in BleepingComputer.

Featured Tech Jobs

SUBSCRIBE NOW

Related articles

US supports Japans ambitions to return to leadership in chip manufacturing

Japan has embarked on a monumental $67 billion initiative to reclaim its stature as a global semiconductor titan,...

One billion dollar copyright infringement killed on appeal

The $1 billion copyright infringement verdict against Cox Communications was overturned by a federal appeals court, which ruled...

Colorado app addresses food waste and feeds “food insecure”

In Denver and Boulder, Colorado the Too Good To Go app is changing the way we tackle food...

Abuse of valid accounts by threat actors hits a high, says IBM

Attackers are finding that obtaining valid credentials is an easier route to achieving their goals, s

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways