New Harry Potter named malware strikes revealing a global espionage campaign

GET SECURITY ALERTS, EXPERT TIPS – SIGN UP FOR KURT’S NEWSLETTER – THE CYBERGUY REPORT HERE

 

It all starts with a fake email

The hackers behind the malware, called “Voldemort,” have cleverly designed it to avoid getting caught. Just like the name Voldemort spelled trouble in J.K. Rowling’s Harry Potter series, it’s causing issues in the cybersecurity world too.

The cyber attack kicks off when you receive an email that looks like it’s from a government tax agency. According to Proofpoint, the hackers behind this campaign have been impersonating tax agencies in various countries, including the U.S. (IRS), the UK (HM Revenue & Customs), France (Direction Générale des Finances Publiques), Germany (Bundeszentralamt für Steuern), Italy (Agenzia delle Entrate), and, as of August 19, India (Income Tax Department) and Japan (National Tax Agency). Each email lure was customized and written in the language of the tax authority being impersonated.

Proofpoint analysts found that the hackers tailored their phishing emails to match the target’s country of residence based on publicly available information rather than the organization’s location or the language suggested by the email address. For example, some targets in a European organization received emails impersonating the IRS because they were linked to the U.S. in public records. In some cases, the hackers mixed up the country of residence when the target shared a name with a more prominent individual.

The email also tries to mimic the email of the government agency. For example, the US folks were sent fake emails using “no_reply_irs[.]gov@amecaindustrial[.]com”.

Credit: Proofpoint

 

HEARTLESS SCAMMERS ARE PREYING ON PEOPLE’S LOST PET ANGUISH

 

The attack cleverly unfolds on your device

Credit: Proofpoint

 

MOST TARGETED CITIES FOR TRAVEL BOOKING SCAMS

 

Voldemort uses Google Sheets to store data

Once the malware has successfully infected your Windows device, it can:

  • Ping
  • Dir
  • Download
  • Upload
  • Exec
  • Copy
  • Move
  • Sleep
  • Exit

 

HOW TO RECOGNIZE AND AVOID BEING A VICTIM OF VACATION RENTAL SCAMS

 

4 ways to protect yourself from malware attacks

1) Read sensitive emails carefully:

2) Check email domain:

3) Invest in data removal services:

 

4) Have strong antivirus software:

Best Antivirus Protection 2024

 

Kurt’s key takeaway

What measures do you think organizations should implement to better protect individuals from malware attacks? Let us know in the comments below. 

FOR MORE OF MY TIPS, SUBSCRIBE TO MY FREE CYBERGUY REPORT NEWSLETTER HERE

 

 

Copyright 2024 CyberGuy.com.  All rights reserved.  CyberGuy.com articles and content may contain affiliate links that earn a commission when purchases are made.

Related posts

Unbeatable Holiday deals extended

Protecting yourself from Microsoft tech support scams

Router VPNs vs. device VPNs: Which privacy solution is best for you?