Malspam Campaigns Use HawkEye Keylogger to Target Businesses
Researchers with IBM X-Force have uncovered a new malware campaign targeting businesses across the globe. The threat actors are sending malspam emails to companies in a great variety of industries, including “transportation and logistics, healthcare, import and export, marketing, agriculture.” If a recipient interacts with the malicious email, the HawkEye keylogger is installed on their system.
Keyloggers are malware designed to steal user information by recording keystrokes. Often they also have other data stealing capabilities, such as grabbing stored cookies and taking screenshots on a compromised system. The attackers are using HawkEye to obtain login credentials and other sensitive data, and can also employ the malware “as a loader, leveraging its botnets to fetch other malware into the device as a service for third-party cybercrime actors,” the researchers note.