This Entertainment-Themed Campaign Installs Malware in User Computer System

A popular phishing campaign tries to convince users that they have enrolled in a film streaming platform in order to push them to call a phone number for cancellation, a technique that delivers the BazarLoader malware, which harms the computer.

BazarLoader is a downloader written in C++ that installs and executes other modules. Proofpoint first observed BazarLoader in April 2020.

BazarLoader creates a backdoor on Windows machines that can be used to provide initial access for other malware attacks, even ransomware. Ryuk ransomware is generally delivered through BazarLoader, so a successful compromise by cybercriminals can have severely harmful consequences. This BazarLoader operation requires significant human interaction to execute and install the BazarLoader backdoor.

The threat actor used customer service agents to lead victims into unwittingly downloading and installing the malware. This campaign reflects a broader pattern in which BazarLoader threat actors use call centers as part of a sophisticated attack chain.

The initial stage of the campaign, detailed by cybersecurity investigators at Proofpoint, involves distributing tens of thousands of phishing emails claiming to come from 'BravoMovies,' a bogus movie streaming platform created by the cybercriminals themselves.

The site seems plausible, and the people behind it created fake film posters using open-source pictures available online, but the site's numerous spelling mistakes can suggest that something is wrong if one looks very carefully.

The email states that the victim has subscribed and is being charged $39.99 a month, but that the supposed subscription can be terminated by contacting a support number.

When ..
