Security researchers have discovered a new Loki Bot malware campaign targeting corporate mailboxes
The new campaign was discovered by Kaspersky researchers and has been active since early July. “Starting from early July, we have seen malicious spam activity that has targeted corporate mailboxes. The messages discovered so far contain an attachment with an .iso extension that Kaspersky Lab solutions detect as Loki Bot.” The malware is capable of stealing passwords from browsers, messaging applications, mail and FTP clients, and cryptocurrency wallets. The messages were sent with an attachment with a .iso extension containing the Loki Bot malware. The emails were sent to email addresses found in public sources or on the companies’ own websites. Researchers identified different types of spam email in this campaign. The first type pretends to be sent from a well-known company, which is one of the popular tricks used by attackers nowadays.
In the second type, the malicious attachment is presented as a financial document such as an invoice, transfer, or payment.
The last type poses as fake orders or offers: the spam mail appears to come from a customer placing an order or a vendor offering their products.
“Every year we observe an increase in spam attacks on the corporate sector. The perpetrators have used phishing and malicious spam, including forged business emails, in their pursuit of confidential corporate information: intellectual property, authentication data, databases, bank accounts, etc. That’s why today it’s essential for corporate security measures to include both technical protection and training for employees, because their actions may cause irreparable damage to the business,” Kaspersky researchers said in the published blog post.
How to protect yourself from this type of attack:
- Perform regular backups. Ideally, this data should be kept on a separate device, and backups should be stored offline.
- Maintain updated antivirus software for all systems.
- Don’t open attachments in unsolicited e-mails, even if they come from people in your contact list, and never click on a URL contained in an unsolicited email, even if the link seems benign. In cases of genuine URLs, close out the e-mail and go to the organization’s website directly through the browser.
- Keep the operating system and third-party applications (MS Office, Flash Player, browsers, browser plugins) up to date with the latest patches.
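Because the campaign delivers Loki Bot in .iso attachments, a mail gateway or triage script can flag such attachments before they reach a mailbox. The following is an added example, not code from Kaspersky or the original article; the function names and the sample messages are constructed for illustration. It checks both the file name and the ISO 9660 signature, so a renamed disk image is still caught.

```python
import email
from email import policy
from email.message import EmailMessage

ISO9660_MAGIC = b"CD001"   # standard identifier in an ISO 9660 volume descriptor
ISO9660_OFFSET = 0x8001    # sector 16 (byte 32768) plus 1 byte for the descriptor type


def looks_like_iso(filename, payload):
    """Return why an attachment is treated as a disk image, or None."""
    # Windows ignores trailing dots and spaces, so normalise them away first.
    if (filename or "").lower().rstrip(". ").endswith(".iso"):
        return "extension"
    # A renamed image still carries the ISO 9660 signature in its content.
    if payload[ISO9660_OFFSET:ISO9660_OFFSET + 5] == ISO9660_MAGIC:
        return "iso9660-magic"
    return None


def find_iso_attachments(raw_message):
    """Parse a raw e-mail (bytes) and list (filename, reason) for ISO attachments."""
    msg = email.message_from_bytes(raw_message, policy=policy.default)
    hits = []
    for part in msg.walk():
        if part.is_multipart():
            continue  # containers hold no content of their own
        payload = part.get_payload(decode=True) or b""  # undo base64 / quoted-printable
        reason = looks_like_iso(part.get_filename(), payload)
        if reason:
            hits.append((part.get_filename(), reason))
    return hits


def build_sample(filename, payload):
    """Constructed test message; addresses, subject and body are made up."""
    m = EmailMessage()
    m["From"] = "billing@example.com"
    m["To"] = "accounts@example.org"
    m["Subject"] = "Invoice"
    m.set_content("Please see the attached invoice.")
    m.add_attachment(payload, maintype="application",
                     subtype="octet-stream", filename=filename)
    return m.as_bytes()


if __name__ == "__main__":
    fake_iso = bytes(ISO9660_OFFSET) + ISO9660_MAGIC + bytes(16)  # constructed content
    for name, data in [("invoice.iso", b"x"), ("invoice.pdf", fake_iso), ("notes.txt", b"hi")]:
        print(name, find_iso_attachments(build_sample(name, data)))
```

Messages that produce a hit can be quarantined for review, since disk images are rarely a legitimate way to send an invoice or an order.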