The data-stealing TeamSpy malware has resurfaced in a spam campaign, researchers say. The malware uses DLL hijacking to write system usernames and passwords to a text file, Log%s#%.3u.txt, and send them along to the attacker s command-and-control server. The campaign relies heavily on spamming victims and tricking them into opening a rigged.zip file disguised as an e-fax file. Researchers from Danish firm Heimdal Security said on Monday they observed a new campaign launched over the weekend spreading the malware.
Source: https://threatpost.com/data-stealing-malware-teamspy-resurfaces-in-spam-campaign/123820/