Threat Actors Spread FormBook Info-Stealing Trojan in Ongoing Phishing Campaign

Alina BÎZGĂ

September 09, 2021

FormBook, the well-known data stealer and form grabber, has popped up once again, in a malicious phishing campaign that has spread globally.

Bitdefender researchers spotted the latest attempt at infecting recipients with the commercial malware on September 7, with most of the attacks originating from IP addresses in the Netherlands and the US. The ongoing malspam campaign has reached recipients across the globe, including the United States, Italy, India, France, Germany and the UK.

The attackers are sending out a WinRAR compressed file as an email attachment (TT FORMAT COPY.r00) to spread keyloggers and form grabbers that steal victims’ personal information from various web browsers and other applications.

The phishing email used to deliver the FormBook malware mimics a request to revise information found in a Proforma invoice. However, it’s just a fake message used to lure unsuspecting victims.

“Please kindly check the format of TT I sent and confirm the information is correct that we do the TT today as your account is different this time,” the email reads.

FormBook, initially spotted in the wild in 2016, has become a notorious tool sold “as-a-service” on hacking forums. The easy-to-use interface and comprehensive data-harvesting capabilities have increased its popularity as a malicious tool to distribute phishing emails.

To prevent device and data compromise, users should always verify the origin and validity of correspondence before accessing attachments or links, and install a security solution on their devices.
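A mail-filtering check for the attachment type described above, added here as an example and not taken from Bitdefender: it flags attachments whose name uses a RAR or split-volume extension (such as .r00) or whose content starts with a RAR signature. The sample message, its addresses and the `rar_attachments` and `build_sample` names are constructed for illustration.

```python
import re
from email import message_from_bytes, policy
from email.message import EmailMessage

# RAR 4.x and RAR 5.x file signatures.
RAR_MAGICS = (b"Rar!\x1a\x07\x00", b"Rar!\x1a\x07\x01\x00")
# .rar plus old-style split-volume names (.r00 to .r99), as in "TT FORMAT COPY.r00".
RAR_NAME = re.compile(r"\.(rar|r\d{2})$", re.IGNORECASE)


def rar_attachments(raw_message: bytes):
    """Return (filename, reasons) for each attachment that looks like a RAR archive."""
    msg = message_from_bytes(raw_message, policy=policy.default)
    findings = []
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        payload = part.get_payload(decode=True) or b""
        reasons = []
        if RAR_NAME.search(name):
            reasons.append("rar-extension")
        if payload.startswith(RAR_MAGICS):
            reasons.append("rar-signature")
        if reasons:
            findings.append((name, reasons))
    return findings


def build_sample() -> bytes:
    """Constructed sample: signature bytes only, no real archive content."""
    msg = EmailMessage()
    msg["From"] = "sender@example.com"
    msg["To"] = "recipient@example.com"
    msg["Subject"] = "TT format"
    msg.set_content("Constructed message body.")
    msg.add_attachment(b"Rar!\x1a\x07\x00" + b"\x00" * 16,
                       maintype="application", subtype="octet-stream",
                       filename="TT FORMAT COPY.r00")
    msg.add_attachment(b"%PDF-1.4 constructed", maintype="application",
                       subtype="pdf", filename="invoice.pdf")
    # Signature present under an unrelated name: the content check still flags it.
    msg.add_attachment(b"Rar!\x1a\x07\x01\x00" + b"\x00" * 16,
                       maintype="application", subtype="octet-stream",
                       filename="statement.dat")
    return msg.as_bytes()


if __name__ == "__main__":
    for name, reasons in rar_attachments(build_sample()):
        print(f"{name}: {', '.join(reasons)}")
```

Checking the content signature as well as the file name matters because the name is chosen by the sender, while the signature reflects what the file actually is.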

Bitdefender customers are already protected from FormBook malware. The attached file is detected as Trojan.GenericKD.46937057 and blocked by both our consumer and enterprise solutions.

With Bitdefender Total Security and XEDR, users and businesses enjoy the best anti-malware protection and threat detection and response against e-threats across all major operating systems. The real-time protection feature included in our security software safeguards against e-threats, including viruses, worms, Trojans, ransomware, zero-day exploits and spyware, to keep you and your data safe.

Note: This article is based on technical information courtesy of Bitdefender Labs
