A PowerShell malware downloader known as sLoad is conducting targeted, geofenced attacks across the U.K., Italy and Canada. The most recent versions of sLoad, which has been active since at least May 2018, targeted victims using sophisticated, multistep geodetection and fencing. Once the ideal targets were identified, the attacks delivered the Ramnit banking Trojan to compromise accounts and steal financial data. Despite its sophisticated nature, the attack still relies on user action to jump-start the infection process.”]