Attackers find poorly protected sites on the WordPress engine and post messages there with a proposal to download the recently released films – in the link to download the torrent, the malicious file is masked to the XMPEG_PLAYER.EXE media player, said security experts.
When attacking the company, fraudsters use phishing letters with claims about copyright violations. The malicious Efimer file is in the archive with the details of the claims, representatives of the Kaspersky Lab said.
After starting, Trojan penetrates the computer, looking for lines resembling sid frazes, and replaces the addresses for translating cryptocurrencies to addresses leading to the wallets of scammers. Users from Russia, India, Spain, Italy and Germany were faced with the attacks of Trojan, and the number of victims continues to grow, experts said.
Earlier, experts of the Kaspersky Lab reported SparkKitty-a new malicious program for iOS and Android, created for the theft of cryptocurrencies for users from Southeast Asia and China.
Source: Bits
I am an experienced journalist, writer, and editor with a passion for finance and business news. I have been working in the journalism field for over 6 years, covering a variety of topics from finance to technology. As an author at World Stock Market, I specialize in finance business-related topics.
