APT group behind the Evilnum malware seen in fintech attacks analysed

Thursday, July 9th, 2020

Welcome to today’s intelligence briefing, covering noteworthy items on the cybersecurity news agenda.

Find these stories on the Blueliv Threat Exchange Network, a global community of thousands of cybersecurity experts, IT professionals and academics. Membership is free.

Read the latest research blogs from the Blueliv Labs team.

Intelligence Briefing

Malware

APT group behind the Evilnum malware seen in fintech attacks analysed

Targets are approached with spearphishing emails that contain a link to a ZIP file hosted on Google Drive. That archive contains several LNK (aka shortcut) files that extract and execute a malicious JavaScript component, while displaying a decoy document. These shortcut files have “double extensions” to try to trick the user into opening them, thinking they are benign documents or pictures (in Windows, file extensions for known file types are hidden by default). Learn more >

Blueliv Intelligence Briefing

Your cybersecurity news summary

Intelligence Briefing

Malware

Blueliv Intelligence Briefing

Your cybersecurity news summary

Intelligence Briefing Malware

Intelligence Briefing

Malware