Security News > 2020 > July > Enterprises in Americas, Europe Targeted With Valak Information Stealer
The Valak information stealer is being distributed in ongoing campaigns aimed at enterprises in North America, South America, Europe and likely other regions as well, Cisco Talos reports.
What makes Valak stand out in the crowd is the use of stolen email threads for distribution, which increases the likelihood of the victim opening the delivered attachments.
In one of the observed attacks targeting a bank, the adversary sent a reply to a months-old email, and included a password-protected ZIP file and email signatures to provide a sense of legitimacy.
In attacks targeting an insurance provider, the hackers sent responses to affidavit email threads after compromising email accounts at law firms.
Most of the attacks targeted enterprises, but some of them were aimed at personal email accounts.