Cutwail Botnet-Led Dridex and Malicious PowerShell-Related Attacks Increase with New Scripts


IBM X-Force intelligence has observed an increase in Dridex-related network attacks led by the Cutwail botnet. Dridex is delivered by e-mail through booby-trapped macros, arriving as a second-stage payload after the original document or spreadsheet. Recipients who unintentionally trigger the macros launch malware that goes on to install more malware using a PowerShell script. Currently, X-Force is examining relatively smaller campaigns in Italy and Japan.
