07 December 2023
Formbook campaign via Libyan oil companies target Italy
According to a report on December 13, 2022, a new Formbook campaign is underway using Libyan oil companies to spread. The campaign is said to use phishing emails and has already hit Italy. The malicious emails contain 4 images and a pdf. When opening the pdf, the recipient is asked to open a link that downloads an executable which turns out to be malware. The email used is a forged email from a Libyan oil company and the link attached to it points to a URL from which the exe file "Req for Quote" is downloaded. Then Formbook, thanks to the keylogger function, is able to acquire everything the user types.
Read more about it : here