Malware designed to exfiltrate Quickbooks data and post it on the internet. ThreatLocker CEO Danny Jenkins said he has seen a six-to-seven-times increase in instances of PowerShell accessing Quickbooks in recent weeks. Quickbooks is one of the most-used accounting packages during tax season. Jenkins said the data will also likely be stored and used to power future spear-phishing campaigns, which rely on personal information to tailor social-engineering scams for maximum effect.
Source: https://threatpost.com/tax-quickbooks-data-theft/164253/