Agent Tesla and Remcos RATs Phishing Emails

Industry: Healthcare, Manufacturing | Level: Tactical | Source: Bitdefender

Threat actor groups are taking advantage of the Russian and Ukraine conflict with phishing emails fraudulently requesting aid for Ukraine distributing remote access trojans (RATs) Agent Tesla and Remcos. The phishing campaigns are observed by Bitdefender Labs with emails targeting a manufacturing organization and users with a healthcare themed email globally. The phishing emails contain malicious attachments with either a ZIP file or a weaponized Excel document. Bitdefender also warns of scams involving the donation of cryptocurrency as "cybercriminals have to intensify their efforts to redirect any financial aid into their pockets."

• Anvilogic Use Cases:
• Malicious Document Execution
• Compressed File Execution