Malicious ISO File Used in Romance Scam Targeting German Speakers

Sublime Security reveals a cunning romance/adult-themed scam targeting German speakers, leveraging Keitaro TDS to deliver an AutoIT-based malware loader. Learn how this sophisticated campaign operates, its deceptive tactics, and the hidden payload.

A recent cyberattack campaign is preying on German speakers with a deceptive adult-themed and romance scam to deliver malware. The sophisticated operation leverages a legitimate traffic distribution system (TDS) called Keitaro TDS to redirect unsuspecting victims to malicious domains. This campaign was discovered by the security research firm Sublime Security, and they exclusively shared their findings with Hackread.com.

Report authors, Sublime Security’s detection engineer Bryan Campbell and threat researcher Brian Baskin, explained that the emails involved in this campaign use enticing language and offer links to explicit content, aiming to draw the recipient in.

A key warning sign identified by Sublime’s AI-powered detection engine was the inclusion of a password for a protected archive ...