Experts Warns of Notable Increase in QuickBooks Data Files Theft Attacks
Feb 24, 2021
New research has uncovered a significant increase in QuickBooks file data theft using social engineering tricks to deliver malware and exploit the accounting software. "A majority of the time, the attack involves basic malware that is often signed, making it hard to detect using antivirus or other threat detection software," researchers from ThreatLocker said in an analysis shared today with The Hacker News. QuickBooks is an accounting software package developed and marketed by Intuit. The spear-phishing attacks take the form of a PowerShell command that's capable of running inside of the email, the researchers said, adding, a second attack vector involves decoy documents sent via email messages that, when opened, runs a macro to download malicious code which uploads QuickBooks files to an attacker-controlled server. Alternatively, bad actors have also been spotted running a PowerShell command called Invoke-WebRequests on target systems to upload relevant data to