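[2021/3/10] Alert regarding mass-mailed attack emails (Dridex)

On March 10, 2021, we confirmed that mass-mailed attack emails (Dridex) were sent to email addresses within the university.


Emails with a macro-virus xlsm file attached were observed. A summary follows.


Emails with a macro-virus xlsm file attached

Attack emails with the following Subject lines have been observed. This is not a complete list; there are likely others.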

Subject: New Invoice(s) for C302691368 are Available to be Viewed
Subject: New Invoice(s) for C308370534 are Available to be Viewed
Subject: New Invoice(s) for C312337937 are Available to be Viewed
Subject: New Invoice(s) for C318170026 are Available to be Viewed
Subject: New Invoice(s) for C331172572 are Available to be Viewed
Subject: New Invoice(s) for C333600544 are Available to be Viewed
Subject: New Invoice(s) for C345350436 are Available to be Viewed
Subject: New Invoice(s) for C346158590 are Available to be Viewed
Subject: New Invoice(s) for C350498042 are Available to be Viewed
Subject: New Invoice(s) for C357468915 are Available to be Viewed
Subject: New Invoice(s) for C357626640 are Available to be Viewed
Subject: New Invoice(s) for C358117883 are Available to be Viewed
Subject: New Invoice(s) for C364470085 are Available to be Viewed
Subject: New Invoice(s) for C366949062 are Available to be Viewed
Subject: New Invoice(s) for C368016843 are Available to be Viewed
Subject: New Invoice(s) for C369857441 are Available to be Viewed
Subject: New Invoice(s) for C371104161 are Available to be Viewed
Subject: New Invoice(s) for C372451947 are Available to be Viewed
Subject: New Invoice(s) for C373599449 are Available to be Viewed
Subject: New Invoice(s) for C381281819 are Available to be Viewed
Subject: New Invoice(s) for C381743437 are Available to be Viewed
Subject: New Invoice(s) for C383995859 are Available to be Viewed
Subject: New Invoice(s) for C385221506 are Available to be Viewed
Subject: New Invoice(s) for C392830074 are Available to be Viewed
Subject: New Invoice(s) for C397410993 are Available to be Viewed
Subject: New Invoice(s) for C319195577 are Available to be Viewed

Message bodies in both TXT and HTML formats have been observed.

The attachment and its SHA1 hash value are summarized below.

1 Total New Invoices_Wendesday March 10_2021.xlsm    SHA1: 1eab5eb7e2158d84f80a2c90fbc1c2cf0e188213
It appears to be a Dridex downloader.
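
A mail-triage check built from the indicators above, as an added example that is not part of the original notice: it flags a raw message when an attachment matches the reported SHA1, or when the Subject fits the observed pattern and an xlsm file is attached. The function names, the nine-digit generalisation of the Subject, and the sample message are assumptions made for illustration.

```python
import hashlib
import re
from email import message_from_bytes, policy
from email.message import EmailMessage

# Subject pattern generalised from the subjects listed in this notice
# (assumption: "C" + 9 digits; the notice says its list is incomplete).
SUBJECT_RE = re.compile(r"^New Invoice\(s\) for C\d{9} are Available to be Viewed$")
# SHA1 of the attachment reported in this notice.
KNOWN_SHA1 = frozenset({"1eab5eb7e2158d84f80a2c90fbc1c2cf0e188213"})


def triage(raw: bytes, known_sha1=KNOWN_SHA1) -> dict:
    """Return which indicators from the notice a raw RFC 5322 message matches."""
    msg = message_from_bytes(raw, policy=policy.default)
    subject = " ".join(str(msg.get("Subject", "")).split())  # normalise folding
    result = {"subject": bool(SUBJECT_RE.match(subject)), "xlsm": [], "sha1_hits": []}
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        data = part.get_payload(decode=True) or b""
        if name.lower().endswith(".xlsm"):
            result["xlsm"].append(name)
        digest = hashlib.sha1(data).hexdigest()
        if digest in known_sha1:
            result["sha1_hits"].append((name, digest))
    # Quarantine on a hash hit, or on the subject pattern plus a macro-enabled workbook.
    result["quarantine"] = bool(result["sha1_hits"]) or (result["subject"] and bool(result["xlsm"]))
    return result


def build_sample(subject: str, filename: str, payload: bytes) -> bytes:
    """Constructed test message with a harmless payload, not a captured sample."""
    m = EmailMessage()
    m["From"] = "billing@example.invalid"
    m["To"] = "user@example.invalid"
    m["Subject"] = subject
    m.set_content("Please see the attached invoice.")
    m.add_attachment(payload, maintype="application",
                     subtype="vnd.ms-excel.sheet.macroEnabled.12", filename=filename)
    return m.as_bytes()


if __name__ == "__main__":
    raw = build_sample("New Invoice(s) for C302691368 are Available to be Viewed",
                       "invoice.xlsm", b"constructed-placeholder-bytes")
    print(triage(raw))
```

The hash check alone misses repacked attachments, so the Subject-plus-xlsm rule is kept as a second condition.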

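Please discard attack emails like these. Do not open the attachments or links.

Given the current state of the Internet, we expect scam emails, phishing emails, and mass-mailed attack emails to continue. Please take care not to be deceived.

Students, faculty, and staff of the university who suspect they may have been infected with a virus should contact the Information Infrastructure Center immediately.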