The cybersecurity news website Bleeping Computer reported on a scam they were targeted with that aimed to download a Remote Access Trojan (RAT). The company reported they received an email from a group pretending to be Venture Capitalists (VC) that wanted to invest or buy Bleeping Computer. Upon further investigation, they determined that the email wanted the company to download a messaging software, which would download a RAT in the background that would give the threat actor access to Bleeping Computer’s network.
Threat actors use a range of lures to trick organizations into downloading malware. In this case, the threat actor is pretending to be a Venture Capitalist and wishes to invest money into a company. Any time money is used in a lure, it generally intrigues the recipient to follow links or download attachments. Proper training should be provided to employees to understand that threat actors will use any lure available to try and trick employees into downloading malware.