A widespread email campaign using malicious Microsoft Excel attachments and Excel 4 macros is delivering IcedID at high volumes, suggesting it’s filling the Emotet void.
The banking trojan known as IcedID appears to be taking the place of the recently disrupted Emotet trojan, according to researchers.
IcedID (a.k.a. BokBot) bears similarities to Emotet in that it’s modular malware that started life as a banking trojan used to steal financial information. Increasingly, though, it’s being used as a dropper for other malware, researchers noted – also just like Emotet.
The malware has been circulating at increasing rates, thanks to a spate of email campaigns using Microsoft Excel spreadsheet file attachments, according to Ashwin Vamshi and Abhijit Mohanta, researchers with Uptycs.
In fact, in the first three months of the year, Uptycs’ telemetry flagged more than 15,000 HTTP ...
Copyright of this story solely belongs to threatpost.com.