The metal company Breetec in Belgium and a couple of other Belgium companies have been breached by malware which targets the “Isabel” payment system. The malware is being spread via malicious emails which claim to hold a important attachment. Once the attachment is opened, the malware will be executed on the device, and it will setup a “Isabel transaction” in the queue.
The malware depends on the device user to perform the authentication step for other transactions, once the transaciton procedure has been performed, the malware will also execute the malicious Isabel transaction to foreign accounts.
Breetec was able to trace one of the transactions, and they were able to identify that the malicious account is located in Dubai.