Social Engineers Launch New Attack on Embattled Banks

As a number of major U.S. financial institutions deal with the aftermath of what was perhaps the largest DDoS campaign ever, researchers at FireEye are reporting on a separate phishing attack that establishes a channel of malicious communications on its victims’ computers.

What has the makings of a targeted attack campaign against several high-value industries is using a Trojan that employs rigged PDFs to deliver its payload. Targeting organizations in the defense, chemical, technology, and aerospace industries, the MyAgent trojan is primarily spreading through email as a zipped .exe file or PDF attachment, according to researchers at the FireEye Malware Intelligence Lab.

A security researcher has discovered a vulnerability in Facebook’s messaging system that could allow an attacker to send executable attachments to anyone on the popular social network. The vulnerability is such that an attacker doesn’t necessarily need to be friends with the person to whom he sends the message.

A new scam has been circulating the internet lately that aims to swindle Amazon sellers by generating fake receipts. Amazon Receipt Generator, an executable file, has been making the rounds on hacking forums for the last few months.

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.