Attackers deliver legal threats, IcedID malware via contact form

Sergiu Gatlan reports:

IcedID is a modular banking trojan first spotted in 2017 and updated to also deploy second-stage malware payloads, including Trickbot, Qakbot, and Ryuk ransomware.

Recently detected by the Microsoft 365 Defender Threat Intelligence Team, this phishing campaign seems to have found a way to bypass contact forms’ CAPTCHA protection to flood enterprises with a barrage of phishing messages.

Read more on BleepingComputer.

About the author: Dissent

Comments are closed.