Security solutions provider Symantec is warning Australian users about a cybercriminal campaign which seeks to install a piece of malware on as many computers as possible.It’s uncertain what the attackers are trying to accomplish and they don’t seem to have a specific target.
The malicious emails appear to originate from various Australian organizations, such as the Australian Taxation Office.
The messages purporting to come from the Taxation Office are entitled “Tax Agent Report – Delayed Tax Returns,” and they urge recipients to view their weekly reports contained in the attached file.
In another instance, the malware is hidden in files attached to itineraries entitled “Check-in Details.”
Once executed, the malware that’s attached to these emails connects to command and control servers hosted on Russian and Polish domains. Then, it downloads and executes additional malicious files.