SMS Attack Spreads Emotet, Steals Bank Credentials

2020-02-19 16:00

The SMS messages purport to be from local U.S. numbers and impersonate banks, warning users of locked bank accounts.

The messages urge victims to click on a link, which redirects them to a domain that's known to distribute Emotet.

Threatpost has reached out to X-Force researchers regarding how many victims have received the SMS messages, and which banks the messages purport to be associated with.

"Knowing that Emotet is one of the ways TrickBot payloads are dropped to infected systems, there is a possibility that this attack is a targeted campaign designed to enable the spread of the TrickBot trojan," researchers said.

Looking forward, researchers believe that this recent smishing campaign, coupled with other recent Emotet appearances, shows that its operators may be looking to launch future cyberattacks, potentially around the upcoming 2020 Olympics, which kick off July 2020.

News URL

https://threatpost.com/sms-attack-spreads-emotet-bank-credentials/153015/

#attack #bank #credential

News URL

Related news