Researchers at Bitdefender Antispam Lab have spotted a recent phishing campaign targeting users since the beginning of May. The phishing campaign is targeting victims as they prepare for their tax deadline. 98.34% of the attacks appear to have originated from IP addresses in Bangladesh, with 76.08% of targeted users in South Korea, 17% in Australia, and 1% in the US. The subject of the emails usually contains something about “Account Legers for 2020-2021” and contains an attachment that is encouraged to be opened. The attachment is malicious and has been downloading Remote Access Trojans (RATs) onto victims’ computers. These RATs can be used for several things, including gaining administrative level access to a computer, and if paired with a keylogger, threat actors can steal credentials and gain access to numerous accounts including bank accounts. The threat actors can also use the RAT as a gateway to other malware such as ransomware, potentially encrypting the files on the machine after they are done to hold them for ransom.
By Anthony Zampino Introduction Leading up to the most recent Russian invasion of Ukraine in