Lokibot via fake enquiry CVE-2017-8570 malware campaign error

An email with the subject of  “Re: Inquiry”  pretending to come from AL SRAIYA HOLDING GROUP, a large consulting group in Qatar  but actually coming from “purchase manager <[email protected]>”  with a malicious word doc attachment  delivers Lokibot This malware campaign is marginally more interesting for a malware researcher because of the way the malware bad actor has misconfigured the word docs and displays this message in English & Russian. Decoy document which is opened after successful hit. Документ для пользователя который открывается после успешного пробива. These criminal gangs normally display an innocent word doc with genuine data like a list of … Continue reading →

Article Link: https://myonlinesecurity.co.uk/lokibot-via-fake-enquiry-cve-2017-8570-malware-campaign-error/