Newly Discovered Infostealer Attack Uses LokiBot

The FortiGuard Labs SE team identified a new malicious spam campaign on August 21st,, which we discovered after an analysis of information initially found on VirusTotal. It targeted a large US manufacturing company utilizing the well documented infostealer LokiBot. Interestingly enough, this also has a compilation date of August 21st, Continue Reading

A Deep Dive into the Emotet Malware

Emotet is a trojan that is primarily spread through spam emails. During its lifecycle, it has gone through a few iterations. Early versions were delivered as a malicious JavaScript file. Later versions evolved to use macro-enabled Office documents to retrieve a malicious payload from a C2 server. FortiGuard Labs has Continue Reading

Not Today, Scammer!

A brief glance through my Spam folder in MDaemon Webmail today reminded me of the need for on-going education on the topic of phishing and Business Email Compromise (BEC) scams. Because businesses have already lost millions of dollars to these scams and continue to fall victim every day, it bears Continue Reading

Another day, another attempt to scam me – but I know a phishing attempt when I see one!

It’s just a fact of life: If there’s email, there will always be spam. Now, how much spam you have to deal with will depend on how good your spam filtering solution is. Here at MDaemon Technologies, we use our own products – MDaemon and Security Gateway, to filter out Continue Reading

Potential Ichitaro Phishing Vulnerability

The FortiGuard Labs team continually tracks phishing and spam campaigns around the world. Sending users macro-enabled documents with a malicious payload is one of the most commonly used malware attack vectors for phishing campaigns. This attack vector has been used by used by such prevalent malware families as Dridex, Fareit, Continue Reading

The Angry Spam and The Tricky Macro Delivers Updated Hancitor

  Hancitor is one of the better-known malware downloaders due to its numerous SPAM runs and evolving delivery technique. It reminds us of Upatre, which gained notoriety status over the past two years but has now died down, possibly due to the takedowns of its major payloads. In the case Continue Reading

Information-stealing Malware Is Spread Via Word Document

Recently we received a SPAM with an attachment, which is a password-protected Word document. Its MD5 is 6619356e9e0c9d2445bf777a8bea5d6a, which is detected as “WM/Agent.60F9!tr” by the Fortinet AntiVirus service. When the document is opened, the attached malicious VB script code is executed and additional malware is created and executed. Based on Continue Reading

SPF, DKIM, and DMARC: Acronym Soup or Useful Email Security?

Spam has been an constant and chronic problem since the early days of the internet.  The first unsolicited mass e-mailing (later termed SPAM) was sent on May 1, 1978 by Gary Thuerk of Digital Equipment Corp (DEC) advertising the VAX T-series to 400 of the then 2600 ARPAnet users. The Continue Reading

Use Host Screening to quickly block abuse

One of the advantages of running my own MDaemon server is that I keep an eye on a lot of the spam and abuse that’s floating around on the internet. Over the years I’ve put together a list of EHLO strings that can be used by MDaemon’s host screening tool Continue Reading

How to Create a Spam Filter

Let’s be honest, no one likes spam, not hosting providers, not web users, and certainly not us. That’s why it has become a reoccurring subject on the cPanel Blog. So, using one of our favorite features, Apache SpamAssassin, we want to equip you, the cPanel user, with a nifty trick Continue Reading