A newly uncovered hacking campaign is targeting employees in the insurance and retail industries with phishing emails, claiming to be from the Ministry of Justice, that infect the victim with information-stealing malware.
Uncovered by researchers at cybersecurity company Cofense, the phishing emails have the subject 'Court' and feature UK Ministry of Justice logos. They claim to provide information about 'Your Subpoena', and ask the victim to click a link because they've been ordered to attend a law court and have 14 days to comply. There's no information about what the court case supposedly relates to.
If victims click though to the link, they're directed to a cloud hosting provider which redirects them to a document containing Predator the Thief, a form of malware that's commonly up for sale on underground hacking forums.
Predator the Thief can steal usernames, passwords, browser data and the contents of cryptocurrency wallets, as well as take photos using a webcam. The malware first emerged in July 2018.
SEE: A winning strategy for cybersecurity (ZDNet special report) | phishing campaign delivers stealing malware court summons emails
