On Sunday, December 11th, cyber threat analysts @crep1x, @AnFam17, and others shared information on Twitter about a new distribution method for IcedID malware: a website that attempts to mimic a Zoom software download page, using the typo-squatting domain name “va-zum[.]com”. IcedID, also known as BokBot, is a prevalent malware threat that originally stole online banking credentials. It is currently used to deliver other malware, which has led to ransomware in some cases. Typically, IcedID campaigns use malicious files attached to email messages to deliver the final payload; using a fake software installer website is a new tactic.