New jRAT/Adwind Variant Being Spread With Package Delivery Scam

February 16, 2018

At the beginning of February 2018, FortiGuard Labs collected a malicious email with the subject “UPS DELIVERY UPDATE”, as shown in Figure 1. Phishers and scammers traditionally misuse the names of well-known organizations and individuals in order to make their malicious messages seem legitimate, allowing them to more easily trick unsuspecting victims. This email message contains a fake order tracking number with a bogus hyperlink that, rather than connecting the user to a legitimate website, downloads a jar malware. After a quick analysis, I was able to determine that this malware is jRAT/Adwind.


Previous Article
Securing SD-WAN in Distributed Healthcare Environments
Securing SD-WAN in Distributed Healthcare Environments

As healthcare providers adopt digital capabilities, traditional WANs are not equipped to keep up. Learn why...

Next Article
The Connected Campus: Digital Transformation in Education

As the education space undergoes digital transformation, the IoT and artificial intelligence bring new risk...