An unwelcome souvenir is an alleged Amazon gift cards. In December 2020, the cyber Nocturnus team tracked down hacker campaigns related to the holiday period and especially to online shopping. For obvious reasons, 2020 is a year in which consumers have changed their shopping habits or have had to change and now do the majority of their purchases online.
End users have long been a target for cyber attackers. The sharp rise of online shopping as a result of the pandemic makes this type of attack even more attractive. The pandemic has accelerated the shift from stores to online shopping by an order of magnitude of five years. Cyber attackers are closely following these methods in order to capitalize on them. A recent campaign used scams with counterfeit Amazon gift cards to infiltrate the notorious Trojan.
The Most Important Results At A Glance
Threat actors take advantage of the Christmas in a targeted manner: Cyber attackers benefit from the increasing purchases of online shopping and with Amazon, target users of one of the most popular shopping network.Targets in the US and Western European countries: The vast majority of victims appear to be in the US and Western Europe.
Social engineering: The campaign uses legitimate mails, icons and naming conventions to deceive victims and trick them into downloading the malicious attachments. Multi-stage: Each of these infection contains several stages, either one unpacks a password protected document that contains various files or runs commands to connect to the C2 server.
The current campaign is directed against end users. They are mistakenly told that they have received an Amazon gift card. If the victim falls for the malware, the target can be hacked different ways.