Emotet malware operators have recently targeted the United Nations personnel in an attack that aimed to deliver the TrickBot trojan malware. Researchers at Confense stated that a phishing campaign fraudulently representing the Permanent Mission of Norway has taken place over the last several days. The emails were sent to 600 staffers and officials in the UN.
The Permanent Mission of Norway maintains Norway’s diplomatic presence in New York. The phishing emails claimed that there was an issue with the “signed agreement” attached to the emails. If the word document containing the “agreement” was opened by a staffer, the victim received a pop-up warning asking them “enable content,” and in turn, allowing Emotet to run in the background. Emotet and other malware have the ability to steal login credentials.