A new variant of the Houdini malware has been detected in campaigns against financial institutions and their customers.
Last week, cybersecurity researchers from Cofense said in a blog post that the new strain of Houdini — also known as HWorm — was released by its author on June 2, 2019.
Dubbed WSH Remote Access Tool (RAT), it took the variant only five days to start seeking out victims via phishing campaigns, with the overall goal being the theft of online banking credentials which can be used to make fraudulent purchases.
The phishing campaign masquerades as legitimate communication from banks including HSBC. The fraudulent emails contain .MHT web archive files which act in the same way as .HTML files.