This time some hackers have unleashed a malware hidden inside a Christmas letter signed by the activist Greta Thunberg.
— ExecuteMalware (@executemalware) December 19, 2019
The message sent, besides the Christmas wishes, invites readers to open a document attached to the email containing the reasons for Greta’s environmental protests.
It also invites everyone to send the message to all their contacts, which definitely helps to spread the malware.
The message itself is not dangerous, but the attached document, which is a .doc file named “Support Greta Thunberg”, is a malware.
Once opened, a PowerShell command is launched that starts downloading the Trojan Emotet, which is a banking malware that recovers the access credentials of the victims by integrating into the browser to retrieve all sensitive data.
This type of malware was discovered as far back as 2014 and had spread mainly in Germany, Austria and Switzerland.
As if that wasn’t enough, the same malware is also used to create a botnet to manage it as MaaS (Malware as a Service) and thus allow other people to connect to the victims’ electronic device and upload malware for crypto mining.
It is becoming increasingly common for cybercriminals to use the names of famous people to launch such malware attacks: only recently, another virus was hidden in a photo of singer Taylor Swift.
In such cases, when strange and suspicious emails arrive, the first thing to do is to delete them in order to eliminate all kinds of threats.
According to a recent study by Bitdefender, in 2020 malware will be a growing problem mainly because of the few investments in cybersecurity and because there are ever more open-source software and people using cloud programs.