Security News > 2021 > May > FBI spots spear-phishing posing as Truist Bank bank to deliver malware
Threat actors impersonated Truist, the sixth-largest US bank holding company, in a spear-phishing campaign attempting to infect recipients with what looks like remote access trojan malware.
In one of the attacks targeting a renewable energy company in February 2021, the phishing emails instructed the target to download a malicious Windows app mimicking the legitimate Truist Financial SecureBank App and supposedly needed to complete the process behind a $62 million loan.
"The phishing e-mail appeared to originate from a United Kingdom-based financial institution, stating the US financial institution's loan to the victim was confirmed and could be accessed through an application which appeared to represent the US financial institution."
To increase their attacks' success rate, the attackers used malware currently undetected by anti-malware engines on VirusTotal.
As further detailed on the VirusTotal page for the malware sample shared by the FBI, the attackers can use the malware to log keystrokes and take screenshots of the victims' screens.
Last month, world-leading employment agency Michael Page was impersonated in a similar phishing campaign attempting to infect recipients with Ursnif data-stealing malware capable of harvesting credentials and sensitive data from infected computers.
News URL
Related news
- FBI wipes Chinese PlugX malware from over 4,000 US computers (source)
- FBI deletes Chinese PlugX malware from thousands of US computers (source)
- FBI wipes Chinese PlugX malware from thousands of Windows PCs in America (source)
- FBI Deletes PlugX Malware from 4,250 Hacked Computers in Multi-Month Operation (source)
- FBI removed PlugX malware from U.S. computers (source)
- FBI Deletes PlugX Malware from Thousands of Computers (source)
- Russian Star Blizzard Targets WhatsApp Accounts in New Spear-Phishing Campaign (source)