FortiGuard Labs recently observed several targeted phishing campaigns in Taiwan that use themes designed to exploit local business processes. These campaigns disseminate Winos 4.0 (ValleyRat) and subsequent malicious plugins through weaponized attachments or embedded links.
The lures mimic official communications, such as tax audit notifications, tax filing software installers, and cloud-based e-invoice downloads. Fortinet researchers analysis of domain registration data reveals that attackers use a rotating set of domains and cloud services to host and distribute malware. The highly volatile nature of this infrastructure renders traditional, static domain blocking insufficient as a primary defense. Over the past two months, the researchers have identified various delivery techniques, including malicious LNK files used for a downloader.
Read more…
Source: Fortinet
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Canada: House of Commons hit by cyberattack from ‘threat actor’
August 14, 2025
The House of Commons and Canada’s cybersecurity agency are investigating a significant data breach caused by an unknown “threat actor” targeting employee information. According to an internal email obtained by CBC News, the House of Commons alerted staff on Monday that there was an information breach. It said a malicious actor was able to exploit a ...
- Norway spy chief blames Russian hackers for hijacking dam
August 14, 2025
Russian hackers briefly hijacked a dam in Norway in early April and spilled millions of gallons of water before the attack was stopped, Norway’s spy chief revealed Thursday. The hackers opened a floodgate at the Bremanger dam in western Norway to release the equivalent of about three Olympic-sized swimming pools of water during the four hours ...
- Cyber attack on Nigeria Customs Service disrupts clearance operations
August 14, 2025
A cyber attack on the Information Communication Technology (ICT) platform of the Nigeria Customs Service (NCS) has caused significant disruptions to cargo clearance operations at ports across the country. Licensed Customs agents are already counting their losses to demurrage charges on their consignments as a result of the disruption. Confirming the development, NCS spokesman and Assistant ...
- New trends in phishing and scams: How AI and social media are changing the game
August 13, 2025
Phishing and scams are dynamic types of online fraud that primarily target individuals, with cybercriminals constantly adapting their tactics to deceive people. Scammers invent new methods and improve old ones, adjusting them to fit current news, trends, and major world events: anything to lure in their next victim. Since our last publication on phishing tactics, there ...
- FBI: Fictitious Law Firms Targeting Cryptocurrency Scam Victims Combine Multiple Exploitation Tactics While Offering to Recover Funds
August 13, 2025
This updated advisory provides additional red flag indicators and due diligence measures to help victims who have been in contact with fictitious law firms conducting this fraudulent activity. This scheme combines a number of exploitation tactics including targeting vulnerable populations, particularly the elderly; exploiting victims’ emotional state and financial need to recover funds from a previous ...
- Pandora cyber attack highlights growing threat to ecommerce
August 13, 2025
The global jeweller, Pandora has recently fallen victim to a cyber attack — becoming the latest high-profile cyber incident. Last week, Pandora confirmed that it had been hit by a cyber attack, with customer data being breached as a result. However, the company claimed that no confidential information, such as passwords and credit card details, was ...