That delivery email could be malware – here’s what you need to know

A new malware campaign by hackers known as TA544 uses delivery and shipping-themed phishing emails to drop payloads on target endpoints. The WailingCrab malware, hosted on Discord, downloads a JavaScript file when a .PDF attachment in the phishing email is opened. The malware, which has multiple components such as a loader, injector, and backdoor, needs to reach servers controlled by the hackers to retrieve the next stage.