VISA warns for Flokibot Spear Phishing Infections



flokibot.jpgVISA warned all its merchants that multiple infosec firms reported on the emerging threat of a new malware variant identified as “Flokibot.”

While Flokibot attacks have focused on the Latin America / Caribbean region to date, this malware may represent a broader threat to the payments ecosystem. Visa is publishing this alert in order to provide clients and stakeholders with technical information, including background on the malware, indicators of compromise and suggested mitigation activities to protect the payments ecosystem.

VISA's summary: "Recently, two Flokibot campaigns compromised integrated point-of-sale (PoS) devices and other systems of multiple Brazilian merchants. Although we have no confirmation of other compromises, merchants in other countries—including Australia, Paraguay, Croatia, the Dominican Republic, Argentina, and the U.S.—were also reportedly targeted.

While Flokibot attacks have focused on the LAC region to date, this malware may represent a broader threat to the payments ecosystem. Visa is publishing this alert in order to provide clients and stakeholders with technical information, including background on the malware, indicators of compromise (IOC) and suggested mitigation activities to protect the payments ecosystem."  Here is VISA's full PDF with details.

“Spear Phishing” as Delivery mechanism

The researches identifies, in the initial phase, cyber criminals are using spear phishing mechanism for Floki payload delivery. For this, they are weaponize Microsoft word documents with malicious code in its macro and send it to the targeted audience over mails as an attachment. Once the target (victim) receives the mail and open the attachment and in case the macro is enabled on victim’s machine, the malicious payload is executed which retrieves the Floki Bot malware on intruders server.

Whitepaper: Legal Compliance through Security Awareness Training

legal-whitepaper-1.pngAre you familiar with the concept of Acting “Reasonably” or taking “Appropriate” or “Necessary” measures? Find out how this can keep you from violating compliance laws or regulations. Did you know you are supposed to "scale security measures to reflect the threat"?

This whitepaper from Michael R. Overly shows you the common threads in compliance laws and regulations. Did you know that "CIA" means Confidentiality, Integrity, and Availability, and how lawmakers incorporated that language in infosec regulations?

We have some examples of the Massachusetts Data Security Law and HIPAA to explain what is required.

Download the whitepaper now.

PS: Don't like to click on redirects? Cut & Paste this link in your browser:

https://info.knowbe4.com/whitepaper-overly-kb4


Topics: Spear Phishing

Subscribe To Our Blog


Your Coronavirus and Work From Home Resource Center




Get the latest about social engineering

Subscribe to CyberheistNews