Dridex Lures Employees To Open Malicious Docs Via Fake Emails

Share post:

Dridex, banking malware is currently being used to deceive employees into clicking on malicious Excel documents.

The malicious documents were sent to employees via fake employee termination emails.

These emails use the subject line “Employee Termination.” The content informs recipients that their employment will end on December 24th, 2021.

The email pointed out that “this decision is not reversible.” Embedded in the email is an attached Excel password-protected spreadsheet named ‘TermLetter.xls.”

As soon as an employee opens the Excel spreadsheet and enters the password, a blurry “Personnel Action Form” appears, asking them to “Enable Content” to display it properly.

Once activated, the victims receive a “Merry X-Mas Dear Employees!” pop-up message. Unknown to the victims, a malicious HTA file was stored in the C:\ ProgramData folder during the process. HTA contains a malicious VBScript that downloads Dridex from Discord to infect the device.

In order to mitigate this type of attack, users who receive such emails are advised to contact their human resources department or employees before opening the email.

For more information, read the original story in BleepingComputer.



Related articles

Okta’s login flaw exposes users to attack, says Mitiga

According to Mitiga, Okta's login system contains a simple error that could expose its users to future attacks. Users...

Musk’s failed takeover attempt caused his departure from OpenAI

According to a Semafor report, Musk's departure from OpenAI in 2018 was not due to a desire to...

Replika brings back erotic roleplay

Replika has reinstated erotic roleplay for some of its users after recently removing adult content. Customers have welcomed the...

GPT-4 shows human-level performance

Microsoft AI researchers published a paper claiming that the OpenAI language model powering Microsoft's Bing AI exhibits "sparks"...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways