Tax Season Brings Emotet to the Front

As Americans prepare for tax season, Emotet
authors have started a new campaign that imitates a W-9 tax form requested by
the target. As with most malicious phishing, an attached document asks users to
enable macros when viewing the files. This campaign can be particularly
dangerous, because many people don’t spend much time looking at W-9s since they
are only sent to contractors and clients who often quickly sign and return
them. Emotet infections can further harm companies by downloading additional
info-stealing malware and using infected machines to distribute spam campaigns.

Australian Logistics Company Faces Delays After Ransomware Attack

Toll Group, a major transportation company in Australia, fell victim to a
ransomware attack this week that forced them to take several vital systems
offline. Due to company cybersecurity policies, no customer data was accessed
and the damage was minimized by a quick response from their team. While many
customers have been able to conduct business as normal, some are still experiencing
issues as they wait for all of Toll Group’s systems to return to normal
operation.

Cryptomining Botnet Found on DoD Systems

A bug bounty hunter recently found an active cryptocurrency mining botnet
hidden within systems belonging to the U.S. Department of Defense (DoD). The
bug was also being used as a silent backdoor for additional malware execution. Unfortunately,
the misconfigured server had already been illicitly accessed and the attackers
had installed a cryptominer to obtain Monero coins, but officials for the DoD
worked quickly to secure the system before further damage could be inflicted.

Maze Ransomware Targets Multiple French Industries

At least five French law firms and a construction corporation have fallen
victim to the Maze ransomware variant, which is known for quickly
exfiltrating sensitive
information. Maze authors also made an announcement that they will begin
releasing the stolen data if the victims refuse to pay the ransom. Though only two
of the law firms have had their data posted so far, the remaining firms are
expected to be exposed if the ransom is not paid.

British Charity Falls for Impersonation Scam

The British housing charity Red Kite recently fell victim to an impersonation
scam in which nearly $1 million was redirected to a scammer’s account. By
disguising their domain and illicitly accessing previous Red Kite email
threads, the attackers were able to impersonate a contracting company. No
payment system safeguards stopped the payment or notified the victims that
anything was abnormal until it was too late.

The post Cyber News Rundown: Emotet Targets Tax Season appeared first on Webroot Blog.