Security researchers at Forcepoint have spotted a new spam campaign that is abusing compromised FTP servers. The Dridex banking Trojan is a long-running malware that has been continuously improved across the years. The malicious email campaign was first noticed by Forcepoint on January 17, 2018, the messages were primarily sent to top level domains (TDLs) most of them in France, the UK, and Australia. The sender domains used are observed to be compromised accounts, the sender names rotated around the following names, perhaps to make the emails look more convincing.”]
Source: https://securityaffairs.co/wordpress/67950/malware/dridex-banking-trojan-campaign-2.html