A recent attack wave involving HawkEye malware sends data stolen from its victims to another keylogger provider’s website.On 21 May, My Online Security came across a new sample of HawkEye. The actual delivery mechanism itself wasn’t unique compared to previous attacks involving the malware. In this particular instance, the attack email used the lure of a fake payment receipt to trick recipients into opening a malformed RTF file/Microsoft Word document. These attachments contained a macro script or embedded OLE object designed to infect the user with the malware.
Fake payment receipt email. (Source: My Online Security)By anal ..