New Bazar Trojan Slips Past Your Email Defenses!

Email security spam filtering cybersecurity

A new trojan appearing in phishing emails is tricking home users into letting hackers enter their computer or home network. A trojan is a specific kind of malware that disguises itself as a legitimate program or email attachment. This new variant of the “Bazar” trojan is equipped with anti-analysis techniques to make it harder to be detected by anti-virus software.

The phishing emails in this campaign are utilizing themes of financial incentive. For example, the emails may try to disguise themselves as fake customer complaints, fake billing statements, or a false offer of a financial bonus.  Their goal is to trick you into opening the email and click a link claiming to redirect you to download a PDF regarding the subject of the message.  Downloading the “PDF” will instead download the Bazar trojan malware onto your computer. Once the trojan has been installed on your computer, hackers can use the backdoor created by the trojan to manipulate your computer in almost any way imaginable.

Fortinet.com warns that this phishing campaign to distribute the Bazar trojan is still ongoing. As always, when checking your email, keep a close eye out for suspicious looking emails. Always be skeptical of emails with misspellings, odd symbols, or urgent messaging suggesting you take immediate action, especially if you weren’t expecting any new documents.

For Fortinet’s full threat research report, find parts 1 and 2 below:

https://www.fortinet.com/blog/threat-research/new-bazar-trojan-variant-is-being-spread-in-recent-phishing-campaign-part-I

https://www.fortinet.com/blog/threat-research/new-bazar-trojan-variant-is-being-spread-in-recent-phishing-campaign-part-II

For more information on phishing, see the following articles:

https://www.bbc.com/news/av/technology-36981625

https://www.zdnet.com/article/phishing-warning-these-are-the-brands-most-likely-to-be-impersonated-by-crooks-so-stay-alert/

https://gizmodo.com/north-korean-hackers-successfully-phished-cyber-researc-1846130385

Remember, let’s be careful out there!

               -The PJ Networks Team

Call Now Button(434) 975-0122