Fake tax notices used to deliver remote access malware in India

A new phishing campaign is using fake income tax assessment notices to deliver dangerous malware to unsuspecting victims across India, according to a recent report by Tech Radar.

Attackers are employing sophisticated tactics, hiding malicious code behind convincing government branding and legal references to trick victims into downloading a ZIP archive, according to CYFIRMA. This archive contains a disk image file with a loader program that, in turn, triggers a disguised DLL file. The malware uses reflection-based techniques to evade detection and establishes encrypted communication with servers located in Hong Kong.

This operation closely resembles known commodity RAT families, suggesting a financially motivated goal. The same loader-and-payload architecture has previously been linked to ransomware operators, indicating the potential for varied attack types. Defenses include up-to-date antivirus software with behavioral detection and verifying tax-related correspondence directly through official government channels, rather than following embedded links or executing unknown files from archives or disk images.
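The delivery chain above (a ZIP archive wrapping a disk image) can be checked for at a mail gateway or on a quarantined attachment. The following Python sketch is an added example, not code from the report or from CYFIRMA; the extension list, the function names and the sample archive's member names are assumptions, since the report does not name the disk-image format used.

```python
import io
import zipfile
from typing import Optional

# Assumed extension list: the report does not name the disk-image format.
IMAGE_EXTS = (".iso", ".img", ".vhd", ".vhdx")
MAX_READ = 64 * 1024 * 1024  # cap on decompressed bytes read per member


def image_type(data: bytes) -> Optional[str]:
    """Identify a disk image from its content, ignoring the file name."""
    if data[0x8001:0x8006] == b"CD001":      # ISO 9660 volume descriptor
        return "iso9660"
    if data[:8] == b"vhdxfile":              # VHDX file identifier
        return "vhdx"
    if b"conectix" in (data[:8], data[-512:-504]):  # VHD footer or its copy
        return "vhd"
    return None


def scan_zip(blob: bytes) -> list:
    """Return (member, reason) for each archive member that is a disk image."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(blob)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            if info.filename.lower().endswith(IMAGE_EXTS):
                findings.append((info.filename, "extension"))
                continue
            with zf.open(info) as fh:
                kind = image_type(fh.read(MAX_READ))
            if kind:
                findings.append((info.filename, "content:" + kind))
    return findings


def build_sample() -> bytes:
    """Constructed test archive; member names and contents are invented."""
    fake_iso = bytes(0x8001) + b"CD001" + bytes(16)
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("readme.txt", "plain text")
        zf.writestr("Assessment_Notice.iso", fake_iso)
        zf.writestr("notice.pdf", fake_iso)  # image hidden behind another extension
    return buf.getvalue()


if __name__ == "__main__":
    for member, reason in scan_zip(build_sample()):
        print(member, reason)
```

Password-protected members make `zipfile` raise `RuntimeError` on open; treat such archives as unscannable and hold them for review.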

Source: Tech Radar
