Sophos, a cloud-native data security firm, has discovered in its research that a new malware is being distributed through threatening emails. The motive behind this socially engineered email attack is simple: to create fear in the victim and make him/her open an attachment containing a malicious link that leads to a malware download.
Andrew Brandt, the Principal Researcher at Sophos, stated that threat actors are delivering the BazarBackdoor and BazarLoader malware by abusing the appxbundle format used by the Windows 10 app installer.
The email impersonates a company manager and tells the target employee that a criminal complaint has been filed against him/her and that he/she needs to follow the steps mentioned in the email to stay out of trouble.
The threat actors then ask the targeted victim to click on a link in the email that leads to the malware, which later steals data such as the amount of RAM and processing power on the infected device, along with other details such as the stored information.
Paul Ducklin, a senior research analyst at Sophos, states that such vital details (such as memory and CPU power) prove extremely important for a hacker who intends to use the malware-infected devices as bots for malicious activities at a later stage.
In another Threat Report released by Sophos for the year 2022, the company reckons that cyber crooks will indulge more in the spread of malware such as ransomware in the coming year, and that their targets will be those that pay them well.