Beware of this Loki Botnet mail campaign which is currently doing it’s rounds.
This attack tries to lure unaware internet users into downloading and executing the Loki Botnet.
The threat actor tries to achieve this by sending individuals emails that are loaded with malicious attachments.
What is Loki
Loki-Bot (also spelled “Loki Bot” or “LokiBot”) is an information stealer that sends login credentials and other sensitive data from an infected Windows host to a server established for each malware sample.
The mail used to lure individuals into downloading and executing the Loki Botnet Trojan:
Dear sir Please find attached order Thanks & Regards, Uttam Pathani Purchase & Stores Department AF LOGO2 ERP1_resize THE ALLIED FOUNDERS PVT. LTD. N-3, Ind. Estate, Udyambag. Belgaum 590 008. Karnataka, INDIA. Phone :- +91 831 2440924 Cell :- + 91 94801 27967 E-Mail :- [email protected] Web:- WWW.ALLIEDFOUNDERSINDIA.COM
- Do not download and/or execute the attachment
- Inform your security officer about this mail
- Beware of opening attachments or any files that are provided to you