In H2 2025, #ESETresearch saw a thirtyfold increase in #CloudEyE detections, amounting to more than 100,000 hits over the course of six months. CloudEyE is a #MaaS downloader and cryptor used to conceal and deploy other malware, such as #Rescoms, #Formbook, and #Agent Tesla. 1/5
🚨 FormBook malware spreads via fake installers
A new FormBook wave uses weaponized PDFs and spoofed software installers to steal passwords, browser data, keystrokes and screenshots while dropping secondary payloads. Targets include small firms and home users.
#ransomNews #FormBook #malware
Beware of new FormBook malware attacks using weaponized ZIP files and multi-layered scripts to evade detection. Stay vigilant! #CyberSecurity #Malware #FormBook #Phishing Link: thedailytechfeed.com/formbook-mal...
CERT-AgID summarizes the malicious campaigns in Italy from 25 to 31 October 2025, with infostealer malware and institutional phishing on the rise.
#AgentTesla #CERTAgID #Formbook
www.matricedigitale.it/2025/10/31/c...
Emerging cyber threats: ComicForm and SectorJ149 deploy Formbook malware in targeted attacks across Eurasia and South Korea. Stay vigilant! #CyberSecurity #Phishing #Malware #Formbook Link: thedailytechfeed.com/emerging-cyb...
Politecnico di Milano-themed phishing spreads FormBook: infection chain, techniques, impact on the construction sector, and practical defenses with IOCs shared by CERT-AGID.
#CERTAgID #Formbook #PolitecnicodiMilano #Powershell #trojanbancario
www.matricedigitale.it/2025/09/17/p...
2025-08-11 (Monday): Quick post of an #XLoader ( #Formbook ) infection, with a #pcap, email, and #malware sample available at www.malware-traffic-analysis.net/2025/08/11/i...
CERT-AGID monitors malware campaigns in Italy between July and August: phishing, Remcos, honeypots and evolving cyber protection.
#CERTAgID #Formbook #malware #phishing #Remcos
www.matricedigitale.it/2025/08/02/c...
FormBook malware resurfaces, targeting Windows users with advanced evasion techniques. Stay vigilant and implement robust cybersecurity measures. #CyberSecurity #Malware #FormBook Link: thedailytechfeed.com/formbook-mal...
#opendir with lots of PowerShell fun (spreading #FormBook it seems) ⤵️
urlhaus.abuse.ch/host/87.120....
Screenshot of the email pushing Formbook (XLoader) malware
RAR archive from the email showing its content, a Windows executable for Formbook (XLoader)
Traffic from the Formbook (XLoader) infection filtered in Wireshark
2024-12-09 (Monday): #Malspam example pushing #Formbook / #XLoader. Attachment is a RAR archive, but the file name has a .Z file extension. Contains signed Windows EXE. Otherwise, it's just another Monday. Sample available at bazaar.abuse.ch/sample/78ab8...
#FormBook, #Rhadamanthys and #AgentTesla are the most widespread #Malware in Italy.
Screenshot of malicious spam (malspam) with malware file attachment.
Traffic from the XLoader (Formbook) infection filtered in Wireshark.
2024-11-22 (Friday) #XLoader / #Formbook: I've been fired by my non-existent HR department. At least I got a "salary-receipt.exe" bazaar.abuse.ch/sample/003b5...
Tria.ge and Any.Run don't identify the malware, but Joe Sandbox does: www.joesandbox.com/analysis/156...
Also runs in my lab just fine
March ACCE release notes are live. Check out the latest updates here: www.ciphertechsolutions.com/acce-release... #FormBook #Rhadamanthys #EvilCoder #PureCrypter #JinxLoader