From threatpost.com
Quickbooks malware targets tax data for attackers to sell and use in phishing scams.
Cybercriminals are ready for tax season with new malware designed to exfiltrate Quickbooks data and post it on the internet, according to a new report from ThreatLocker.
Attackers use email to deliver the malware, which the ThreatLocker’s CEO Danny Jenkins told Threatpost is a simple, 15-line piece of code. There are two specific methods attackers used to get the malware to targets: The first is to send a PowerShell command to exfiltrate the data; and the second is to use a Word document to deliver a link or macro to retrieve a file.