This phishing attack delivers three forms of malware. And they all want to steal your data

A phishing campaign targeting Microsoft Windows users delivers three different forms of malware, all designed to steal sensitive information from victims.

Detailed by cybersecurity researchers at Fortinet, those who unintentionally run the malicious attachment sent in phishing emails fall victim to AveMariaRAT, BitRAT and PandoraHVNC trojan malware.

The campaign allows cyber criminals to steal usernames, passwords and other sensitive information, including bank details. BitRAT is particularly dangerous to victims, because it can take full control of infected Windows systems, complete with the ability to view webcam activity, listen to audio through the microphone, secretly mine for cryptocurrency that goes into a wallet owned by the attackers and download additional malicious files.

The initial phishing message is designed to look like a payment report from a trusted source, with a short request to open an attached Microsoft Excel document.

SEE: Cybersecurity: Let’s get tactical

This file contains malicious macros and researchers note that when the document is opened, Microsoft Excel flags potential security concerns about the use of macros. If the user ignores this and opens the file, it starts the process of delivering malware.

Using Visual Basic Application (VBA) scripts and PowerShell, the malware

Read More: