Smoke Loader has been distributed through emails. The malware is quite full-featured: it aims to steal user credentials, but it can also distribute ransomware or cryptocurrency-mining software, two problems that are very common among users and that attackers use regularly.
It is not new malware; researchers have known about it for several years. However, it has been updated over time, which makes it more difficult for antivirus solutions to detect.
The malware is distributed mainly through spam campaigns that carry an attached Word file. When opened, the file asks for permission to run macros, and the infection is carried out through those macros.
Cisco Talos researchers indicate that these campaigns have recently been introducing TrickBot, a banking Trojan designed to steal all kinds of credentials. Its goal is to steal passwords and personal information. To do this, it uses emails carefully designed to look real so that you fall into the trap. As we always say, never trust the internet.
Smoke Loader underwent major changes to Trojans and botnets. Cybercriminals keep refining the techniques they use to go unnoticed and achieve their goal. That is why users must stay alert and keep certain recommendations in mind.