A new malware campaign has been observed using sensitive information stolen from a bank as a lure in phishing emails to drop a remote access trojan called BitRAT.
The unknown adversary is believed to have hijacked the IT infrastructure of a Colombian cooperative bank, using the stolen information to craft convincing decoy messages that lure victims into opening suspicious Excel attachments.
The discovery comes from cybersecurity firm Qualys, which found evidence of a database dump comprising 418,777 records that’s said to have been obtained by exploiting SQL injection faults.