Medium
LODEINFO malware aimed to target Japanese users is still active and can shift it’s focus to other countries as well. It is distributed via spear phishing emails by using file names related to the new coronavirus.The source of all known attacks is targeted attack emails with attachments. A Word document or an Excel document is used as the attachment file. By opening the attachment file and enabling the macro, the included LODEINFO is created and executed on the host. It can be a subject regarding coronavirus updates or pretending to be a resume or application to a company. Malware LODEINFO is being developed frequently, and attacks have been confirmed as well. It is possible that attacks using this malware will continue in the future.
Exposure of sensitive data