Scammers Use Fake DMCA Complaints, DDoS Threats to Deploy BazaLoader Malware

 

Threat actors responsible for the BazaLoader malware have designed a new lure to trick website owners into opening malicious files: fake notifications claiming that the website is engaged in distributed denial-of-service (DDoS) attacks.

The notifications contain a legal threat and a link to a file stored in a Google Drive directory that supposedly provides evidence of the source of the attack.

Phony legal threats

The DDoS theme is a variation of another lure, a Digital Millennium Copyright Act (DMCA) infringement complaint that links to data that allegedly includes documentation of copyright infringement.

Brian Johnson, a website developer and designer, posted last week about two of his clients receiving legal notifications claiming that their websites had been hacked to run DDoS attacks against a major company (Intuit, Hubspot). The sender threatened a lawsuit unless the recipients “immediately clean” their website of the malicious files that assisted in deploying the DDoS attack.

“I have shared the log file with the recorded evidence that the attack is coming from [example.com] and also detailed guidelines on how to safely deal with, find and clean up all malicious files manually in order to eradicate the threat to our network,” read the fake alert.

The malicious sender also included a link to a file hosted in Google Drive claiming to provide evidence of the DDoS attack and its origin.

Earlier this year, in April, Microsoft researchers warned about this technique being used by attackers to deliver IcedID. At the time, only the lure and the payload were different.

It was Matthew Mesa, a security researcher at Proofpoint, who discovered that the campaign is sending out phishing emails that drop the BazaLoader malware.

Cybersecurity website BleepingComputer has received many ..
