Security Awareness Training Blog

    VISA warns for Flokibot Spear Phishing Infections

    flokibot.jpgVISA warned all its merchants that multiple infosec firms reported on the emerging threat of a new malware variant identified as “Flokibot.”

    While Flokibot attacks have focused on the Latin America / Caribbean region to date, this malware may represent a broader threat to the payments ecosystem. Visa is publishing this alert in order to provide clients and stakeholders with technical information, including background on the malware, indicators of compromise and suggested mitigation activities to protect the payments ecosystem.

    VISA's summary: "Recently, two Flokibot campaigns compromised integrated point-of-sale (PoS) devices and other systems of multiple Brazilian merchants. Although we have no confirmation of other compromises, merchants in other countries—including Australia, Paraguay, Croatia, the Dominican Republic, Argentina, and the U.S.—were also reportedly targeted.

    While Flokibot attacks have focused on the LAC region to date, this malware may represent a broader threat to the payments ecosystem. Visa is publishing this alert in order to provide clients and stakeholders with technical information, including background on the malware, indicators of compromise (IOC) and suggested mitigation activities to protect the payments ecosystem."  Here is VISA's full PDF with details.

    “Spear Phishing” as Delivery mechanism

    The researches identifies, in the initial phase, cyber criminals are using spear phishing mechanism for Floki payload delivery. For this, they are weaponize Microsoft word documents with malicious code in its macro and send it to the targeted audience over mails as an attachment. Once the target (victim) receives the mail and open the attachment and in case the macro is enabled on victim’s machine, the malicious payload is executed which retrieves the Floki Bot malware on intruders server.

    Whitepaper: Legal Compliance through Security Awareness Training

    legal-whitepaper-1.pngAre you familiar with the concept of Acting “Reasonably” or taking “Appropriate” or “Necessary” measures? Find out how this can keep you from violating compliance laws or regulations. Did you know you are supposed to "scale security measures to reflect the threat"?

    This whitepaper from Michael R. Overly shows you the common threads in compliance laws and regulations. Did you know that "CIA" means Confidentiality, Integrity, and Availability, and how lawmakers incorporated that language in infosec regulations?

    We have some examples of the Massachusetts Data Security Law and HIPAA to explain what is required.

    Download the whitepaper now.

    PS: Don't like to click on redirects? Cut & Paste this link in your browser:

    https://info.knowbe4.com/whitepaper-overly-kb4

     

    Return To KnowBe4 Security Blog

    Topics: Spear Phishing

    Stu Sjouwerman

    ABOUT STU SJOUWERMAN

    Stu Sjouwerman (pronounced “shower-man”) is the founder and CEO of KnowBe4, Inc., which hosts the world’s most popular integrated security awareness training and simulated phishing platform, with over 54,000 organization customers and more than 50 million users. A serial entrepreneur and data security expert with 30 years in the IT industry, Stu was the co-founder of Inc. 500 company Sunbelt Software, a multiple award-winning anti-malware software company that was acquired in 2010.

    Read more from Stu »

    Subscribe To Our Blog


    Security Awareness Training
    Blog RSS Feed
    Free Phishing Security Resource Kit
    All Posts

    Posts by Tag

    See all

    Posts By Topic

    View All

    Get the latest about social engineering

    Subscribe to CyberheistNews