From bleepingcomputer.com
Roughly 100 organizations were targeted in a large scale spear-phishing attack during early July by a malspam campaign distributing LokiBot information stealer payloads.
The attackers targeted businesses from all over the world in their credential theft attack, with a focus on companies from the United Arab Emirates, Germany, and Portugal.
The info-stealing Lokibot malware—a strain known to have been advertised and sold on various underground sites—was the threat actors’ tool of choice for harvesting and exfiltrating sensitive data once they would manage to compromise and infect their targets’ computers.