<\/a><\/figure>\n\n\n\nAll the malware employed in the campaigns supports various information-stealing capabilities. Attackers can exfiltrate stolen data via SMTP to a typosquatted domain, experts observed the threat actors using a compromised web server of a guest house in Romania. <\/p>\n\n\n\n
“Phishing campaigns targeting small and medium-sized businesses in Central and Eastern Europe are still going strong in the first half of 2024. Furthermore, attackers take advantage of previously successful attacks and actively use compromised accounts or machines to further spread malware or collect stolen information.” concludes the report. “As we presented, there are multiple other malware families like ModiLoader or Agent Tesla in the arsenal of these attackers, ready to be used.”<\/em><\/gwmw><\/gwmw><\/gwmw><\/p>\n\n\n\n