Sunday, February 21, 17:21

New phishing campaign "infects" Trump supporters with trojans!

A new phishing campaign aims to infect supporters of US President Donald Trump with a dangerous banking trojan. The malware campaign was spotted by Area 1 Security on August 21st. The hackers behind it send unsuspecting victims emails that are supposed to come from legitimate Political Action Committees (PACs) but are in fact fake.

These emails refer to widely published political issues and events, and have the subject lines “Fwd:” and “RE:”. Trump supporters targeted by this campaign who fall into the trap have their systems attacked by the Emotet trojan.


According to the security researchers, the hackers are reusing a legitimate PAC mailing in order to create a false sense of legitimacy, with completely authentic content throughout the body of the message. Every link leads to malicious sites of counterfeit PACs. The Emotet downloader is contained in a Microsoft Word document attached to the malicious email.

Researchers say the hackers are using the phishing campaign to draw on media attention around the president's decision to temporarily suspend funding to the World Health Organization (WHO) pending the outcome of a formal inquiry into the organisation's response to the COVID-19 pandemic affecting countries globally.

The researchers also pointed out that the hackers present the Emotet delivery mechanism as a message about timely and well-publicized policy issues. An email sent to Trump supporters with the subject “Fwd: Breaking: President Trump suspends WHO funding” prompts recipients who agree with the funding suspension to click on a button labeled “Stand with Trump”. The hackers used a fake display name in an attempt to hide the real address of the sender.


While the sender addresses used to spread the WHO-themed phishing emails vary, they were found to come from legitimate accounts that had been compromised by the hackers behind the campaign. This tactic has allowed the hackers to successfully pass email authentication protocols such as DMARC. Using legitimate email addresses that have been compromised also makes it very difficult for victims to realize that they have been deceived by cybercriminals.

The researchers found that every wave detected in this phishing campaign used compromised email accounts belonging to many small businesses around the world, and lured victims with the same stolen PAC email content.
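Because these messages pass DMARC, a mail filter has to look at other traits the article describes: a display name that does not match the sending domain, a “Fwd:”/“RE:” subject, and a Word attachment. The Python sketch below is an added example, not code from Area 1 Security or from this article; the `KNOWN_SENDERS` allow-list, the finding names, and every address and domain in the sample message are constructed for illustration.

```python
import email.policy
from email.utils import parseaddr

# Hypothetical allow-list: display names an organisation uses -> domains it really sends from.
KNOWN_SENDERS = {"example pac": {"examplepac.example"}}
WORD_EXT = (".doc", ".docm", ".docx")

def triage(raw):
    msg = email.message_from_string(raw, policy=email.policy.default)
    findings = []
    name, addr = parseaddr(msg.get("From", ""))
    domain = addr.rpartition("@")[2].lower()
    # Display name claims a known sender, but the address belongs to another domain.
    if any(b in name.lower() and domain not in d for b, d in KNOWN_SENDERS.items()):
        findings.append("display-name-mismatch")
        # A compromised mailbox authenticates for its own domain, so DMARC still passes.
        auth = " ".join(msg.get_all("Authentication-Results", [])).lower()
        if "dmarc=pass" in auth:
            findings.append("dmarc-pass-from-unrelated-domain")
    # Weak signal: reply/forward prefix on a message that carries no thread headers.
    subject = msg.get("Subject", "").lower()
    if subject.startswith(("fwd:", "fw:", "re:")) and not (msg["In-Reply-To"] or msg["References"]):
        findings.append("thread-prefix-without-thread-headers")
    # A Word attachment is the delivery vehicle the article describes.
    for part in msg.iter_attachments():
        fn = (part.get_filename() or "").lower()
        if fn.endswith(WORD_EXT) or part.get_content_type() == "application/msword":
            findings.append("word-attachment")
    return findings

# Constructed sample message; the sender, domains and attachment are made up.
SAMPLE = """\
From: "Example PAC" <billing@smallbiz.example>
Subject: Fwd: Breaking: President Trump suspends WHO funding
Authentication-Results: mx.recipient.example; dmarc=pass header.from=smallbiz.example
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain

Stand with Trump
--b1
Content-Type: application/msword
Content-Disposition: attachment; filename="form.doc"

(constructed placeholder, not a real document)
--b1--
"""
print(triage(SAMPLE))
```

Each finding on its own is weak; the combination of a DMARC pass with a display name borrowed from an unrelated organisation is the one that warrants quarantine or analyst review.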

