Experts from CERT Orange they reportedthat e-mails with the content “Please confirm our payment” are sent to PKO BP bank customers. The archived file “20241118 PKO Bank Polski – Confirm payment.pdf.exe” is attached to the message. It contains the Quasar RAT virus, which is dangerous to our computers.
Cyber ​​attack on PKO BP bank customers. It's better to be careful about the emails you receive
“Quasar RAT (Remote Access Trojan) is open-source software written in C#. It allows criminals full remote access to computers on which it is installed. It is equipped with, among others, keystroke logging functions, allows remote access to terminal and file system. It also allows you to steal saved credentials from browsers and other system applications,” CERT Orange said in a statement.
Cybersecurity specialists warn against receiving e-mails because they appear to resemble real messages from the bank – including: being written in correct Polish. After downloading the file mentioned above, our computer quickly becomes infected.
Fraudsters also try to steal our data via SMS
Let us recall that only at the end of October, CERT also warned against fake SMS messages. Experts then reported that fraudsters mass-sent inconspicuous text messages to Poles encouraging them to use financial aid by providing their PESEL number. Each such SMS contained a link to a fake website through which we could lose our personal data. We wrote more about this in the article: “CERT has issued an important warning. Be careful with these text messages. They're scammers“.