A new variant of the banking trojan Dridex is part of a sophisticated phishing attack targeting users of the cloud-based accounting firm Xero. The campaign is the latest in what security experts at Trustwave said is a wave of phishing attacks against Xero and other financial and accounting services such as Intuit. As part of the campaign, attackers are spoofing messages that appear to be originating from Xero, an accounting company based in New Zealand. Messages contain malicious links that attempt to trick recipients into downloading Zip archives containing a JavaScript file.
Source: https://threatpost.com/new-dridex-phishing-campaign-delivers-fake-accounting-invoices/127867/