Dridex

Dridex spam campaign using PDF as infection vector

This month, a Dridex spam campaign using PDF documents as the infection vector was spotted. I also received a couple of e-mails in my personal inbox with the mentioned PDF files attached. One of them used the typical “scanned data” theme (the subject was “Scan data” and the sender “scanner at eternal-todo.com”) and the other one was related to a confirmation letter (the subject was “uk_confirmation_ph764968900.pdf” and the sender “info at calmbeginnings.co.uk”). Neither of them was really good at social engineering; they just added a few words and the attachment.

 

Dridex Spam Campaign PDF DOCM Scan Data

 

Dridex Spam Campaign PDF DOCM Confirmation Letter

 
