Summary Several recent phishing campaigns have attempted to deliver a variant of the Dridex banking trojan via payloads staged on Slack and Discord CDNs. This is DoppelDridex, a modified variant of original Dridex malware. It is operated by the financially motivate eCrime adversary tracked as DOPPEL SPIDER. Additional tooling is often delivered as a secondary…
![DoppelDridex Delivered via Slack and Discord](https://security-soup.net/wp-content/uploads/2019/04/Screen-Shot-2019-04-03-at-8.50.54-PM.png)