Hackers using malicious CV files to infect PCs with banking trojan

Hackers using malicious CV files to infect PCs with banking trojan

A New CV-themed phishing campaign distributes banking trojan – This also highlights why one should never open unknown files sent by anonymous users.


Check Point researchers have released their latest report highlighting an increase in ‘CV-themed’ campaigns mainly in the USA, and in some parts of the UK and Romania. The researchers noted that organizations are being trapped through bogus CVs sent to their official emails. 


The phishing campaign works in such a way that the emails received by organizations in the US contain MS Excel .xls attachments loaded with ZLoader malware.


For your information, ZLoader malware is an equally notorious variant of Zeus malware and can perform a variety of tasks including stealing the victim’s login credentials, password, web browser cookies, and private data.


ZLoader malware also functions as banking Trojan, therefore, its prime targets are financial institutions and bank customers.


  


The attackers are using common subject lines like “regarding a job,” or “applying for a job” to lure victims into opening the email and click on the attachment.


When the victim opens the attachment, a message appears asking the user to ‘enable content’, and as soon as this is done, a malicious macro is activated that downloads the final payload.



Image: Check Point



After the device gets infected, the attackers can carry out financial transactions easily using the device.


See: hackers using malicious files infect banking trojan