
Fake copyright complaints push IcedID malware using Yandex Forms
2022-07-07 21:04

Website owners are being targeted with fake copyright infringement complaints that utilize Yandex Forms to distribute the IcedID banking malware.

These reports allegedly contain proof of DDoS attacks or copyrighted material used without permission but instead infect a target's device with various malware, including BazarLoader, BumbleBee, and IcedID.

Switching to Yandex Forms

I do have a strong faith belief that use of the copyrighted materials described above as allegedly violating is not approved by the legal copyright owner, its legal agent, or the law.

What was different with this campaign is that instead of using Google Drive or Google Sites to host their alleged "Reports" like they did in the past, the threat actors are now using Yandex Forms.

Yandex Forms is a free service that allows users to create customized online forms but can also be used by threat actors to create phishing landing pages.

As seen from the contact form submission, these copyright complaints can be pretty convincing and use threats of legal action to give the message a sense of urgency.


News URL

https://www.bleepingcomputer.com/news/security/fake-copyright-complaints-push-icedid-malware-using-yandex-forms/

Related vendor

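Last 12 months:

| Vendor | # Products | Low | Medium | High | Critical | Total vulns |
|--------|------------|-----|--------|------|----------|-------------|
| Yandex | 7          | 0   | 25     | 13   | 1        | 39          |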