Researchers online are documenting a new malware campaign that they’ve named “BazarCall.” One of its primary malware “payloads” is the BazarLoader remote-access Trojan, which can give an attacker full control over your PC and be used to install more malware.
BazarCall begins with a phishing email but from that point departs to a novel distribution method: using phone call centers to distribute malicious Excel documents that install malware. Rather than bundling attachments with the email, BazarCall emails prompt users to call a telephone number to cancel a subscription before they are automatically charged. These call centers then direct users to a specially crafted website to download a “cancellation form” that installs the BazarCall malware.
All BazarCall attacks begin with a phishing email targeting corporate users that states the recipient’s free trial is about to run out. However, these emails don’t give any details about the supposed subscription. The emails then prompt the user to contact a listed telephone number to cancel the subscription before they are charged $69.99 to $89.99 for a renewal.
All these emails use similar subjects, for example, “Thank you for using your free trial” or “Your free trial period is almost over!” Security researcher ExecuteMalware has put together a more extensive list of email subjects used by this attack. When a recipient calls the listed telephone number, they are placed on a short hold and then greeted by a live person. When asked for more information or how to cancel the subscription, the call center agent asks the victim for a unique customer ID enclosed in the email.
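The lure traits described above (a free-trial subject, no attachment, a number to call, a renewal charge and a customer ID) can be combined into a mail-triage heuristic. This is an added example, not code from the researchers; the regexes, trait names, threshold and sample messages are constructed assumptions.

```python
import re
from email import message_from_string

# Patterns are assumptions derived from the traits the article lists.
SUBJECT_RE = re.compile(r"free trial", re.I)
CALL_RE = re.compile(r"\b(?:call|contact|phone)\b", re.I)
PHONE_RE = re.compile(r"(?:\+?1[\s.-]?)?\(?\d{3}\)?[\s.-]?\d{3}[\s.-]?\d{4}")
PRICE_RE = re.compile(r"\$\s?\d{2,3}\.\d{2}")
CUSTOMER_ID_RE = re.compile(r"(?:customer|subscriber)\s*(?:id|number)\W{0,3}\w+", re.I)

# Constructed sample messages (not real campaign mail).
LURE = (
    "From: billing@example.test\nSubject: Your free trial period is almost over!\n"
    "Content-Type: text/plain; charset=utf-8\n\n"
    "Your trial ends soon and you will be charged $89.99.\n"
    "To cancel, call (555) 010-0199 and quote customer ID 4417203.\n"
)
BENIGN = (
    "From: news@example.test\nSubject: Weekly engineering newsletter\n"
    "Content-Type: text/plain; charset=utf-8\n\nRelease notes are on the wiki.\n"
)

def bazarcall_traits(raw):
    """Return the set of BazarCall-style lure traits found in one raw message."""
    msg = message_from_string(raw)
    body, has_attachment = "", False
    for part in msg.walk():
        if part.get_content_disposition() == "attachment":
            has_attachment = True
        elif part.get_content_type() == "text/plain":
            data = part.get_payload(decode=True) or b""
            body += data.decode(part.get_content_charset() or "utf-8", "replace")
    traits = set()
    if SUBJECT_RE.search(msg.get("Subject", "")):
        traits.add("trial_subject")
    if not has_attachment:  # the lure carries no file; the call centre delivers it later
        traits.add("no_attachment")
    if PHONE_RE.search(body) and CALL_RE.search(body):
        traits.add("call_to_cancel")
    if PRICE_RE.search(body):
        traits.add("renewal_charge")
    if CUSTOMER_ID_RE.search(body):
        traits.add("customer_id")
    return traits

def is_suspect(raw, threshold=4):
    """Flag a message for analyst review when enough traits co-occur."""
    return len(bazarcall_traits(raw)) >= threshold
```

Genuine trial-expiry notices share several of these traits, so a hit is a reason to review the message, not a verdict.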