Formbook is a well-known data stealer and form grabber malware family. It has been sold as “malware as a service” on hacking forums since early 2016 and is typically distributed via malspam containing malicious attachments. Its scope and effects have been global.

Security experts say that FormBook is among the malicious software in demand among scammers. F-Secure confirmed this in a report that states: “Of the malicious emails with the COVID-19 topic with attachments, 75% of the attachments were Lokibot or Formbook.” The topic is a popular lure because of the times we live in: when someone sends you information about it, whether you asked for it or not, you are curious to see what it says.

Despite how easy it is to set up and use, the malware has advanced theft features, including the ability to extract stored and logged user information. Furthermore, the FormBook stealer is able to search, view and interact with files and take screenshots. It is distributed through email campaigns that use a wide range of infection mechanisms and can contain several attachments. Among the most commonly observed attachments are PDF, DOC and EXE files, as well as ZIP, RAR, ACE and ISO files.
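As an added example (not part of the original article), the following sketch shows how a mail gateway or analyst script could triage attachments of the types listed above, and also flag files whose leading bytes do not match their extension. The function names `sniff`, `triage` and `build_sample` are hypothetical, and the sample message is constructed.

```python
import os
from email import message_from_bytes, policy
from email.message import EmailMessage

# Attachment types the article lists as commonly observed in FormBook malspam.
LISTED_EXTS = {".pdf", ".doc", ".exe", ".zip", ".rar", ".ace", ".iso"}
# Well-known leading magic bytes. The OLE2 signature is mapped to ".doc" as an
# approximation (other legacy Office formats share it).
MAGIC = {b"%PDF": ".pdf", b"MZ": ".exe", b"PK\x03\x04": ".zip",
         b"Rar!\x1a\x07": ".rar", b"\xd0\xcf\x11\xe0": ".doc"}

def sniff(data):
    """Return the extension implied by the payload's leading bytes, or None."""
    for magic, ext in MAGIC.items():
        if data.startswith(magic):
            return ext
    return None

def triage(raw):
    """Return (filename, reasons) for each attachment that deserves review."""
    findings = []
    msg = message_from_bytes(raw, policy=policy.default)
    for part in msg.iter_attachments():
        name = part.get_filename() or "(unnamed)"
        ext = os.path.splitext(name)[1].lower()
        data = part.get_payload(decode=True) or b""
        reasons = []
        if ext in LISTED_EXTS:
            reasons.append("listed-type")
        real = sniff(data)
        if real and real != ext:  # name and content disagree
            reasons.append("content-is-" + real.lstrip("."))
        if reasons:
            findings.append((name, reasons))
    return findings

def build_sample():
    """Constructed message: a real PDF header, a PE header named .pdf, a text note."""
    msg = EmailMessage()
    msg["Subject"] = "COVID-19 update (constructed sample)"
    msg.set_content("See attached.")
    for name, body in (("report.pdf", b"%PDF-1.4\n"), ("invoice.pdf", b"MZ\x90\x00"),
                       ("notes.txt", b"hello")):
        msg.add_attachment(body, maintype="application",
                           subtype="octet-stream", filename=name)
    return msg.as_bytes()

if __name__ == "__main__":
    for name, reasons in triage(build_sample()):
        print(name, reasons)
```

Because OOXML documents such as `.docx` are ZIP containers, the mismatch check will also mark them for review; treat the output as a triage queue, not a verdict.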

The problem, and the reason the user's own judgment is essential, is that once the malicious file has been acquired or downloaded, all that is needed to start the infection is for the file to be opened. The file may exploit the latest vulnerabilities, or the malware can inject itself into processes and set up function hooks using known issues. In addition, the malware copies itself, under a changed name, to a directory that differs according to the user’s privileges.

The problem with this malware is that it is freely accessible for download in open hacker forums and is easy to configure without any programming knowledge. It also comes equipped with some very advanced evasion techniques, which make its detection with antivirus software very difficult.
