Bitdefender uncovers Omicron malware campaign


By Dylan Bushell-Embling
Tuesday, 21 December, 2021

Bitdefender uncovers Omicron malware campaign

Bitdefender has announced it has uncovered a new malicious phishing campaign designed to take advantage of the attention being paid to the COVID-19 Omicron variant.

The new campaign resembles a request to revise shipment information found in a Proforma invoice attachment, and cites new government policies in response to the Omicron variant that the recipient must pay attention to.

An attachment to the phishing email contains GuLoader, a widely used remote access Trojan downloader best known for its anti-VM capabilities to evade detection. This RAT is used to spread FormBook, an information scraper previously detected in global phishing campaigns conducted in July and September.

Over 90% of the malicious emails originate from IP addresses in the US. While telemetry suggests attention on Asia–Pacific targets, the campaign has also spread to Europe, including the UK, Germany and the Netherlands.

“We expect more threat actors to piggyback on Omicron in coming weeks, as users travel or prepare for Christmas and New Years’ celebrations. Users are advised to stick to good cyber hygiene and install a security solution on their devices,” Bitdefender said in a threat advisory.

“Keep operating systems and apps up to date and never access attachments from unsolicited emails without being able to verify their validity.”

Image credit: ©stock.adobe.com/au/enzozo

Related News

Palo Alto unveils Prisma SASE 4.0

Palo Alto Networks’ new SASE 4.0 solution aims to neutralise in-browser attacks and other...

SailPoint partners with HCLTech on identity management

SailPoint and HCLTech have partnered to provide customers with identity security solutions built...

Phishing attacks on Australian workers growing more successful

The rate of Australian workers clicking on phishing links has surged 140% since last year,...


  • All content Copyright © 2025 Westwick-Farrow Pty Ltd