A financially motivated threat actor has been targeting German and Polish-speaking users with info-stealing malware and TorNet, a previously undocumented .NET backdoor that leverages the Tor network to evade detection. The phishing email The attacker sends out fake money transfer confirmations and order receipts via email, supposedly sent by financial institutions and manufacturing and logistics companies. A phishing email used in the campaign (Source: Cisco Talos) The emails carry a malicious attachment: a TGZ file … More
The post Europeans targeted with new Tor-using backdoor and infostealers appeared first on Help Net Security.
