A new email phishing campaign has been discovered that employs the strategy of conversation hijacking to distribute the IcedID information-stealing malware onto targeted devices via unpatched and publicly-exposed Microsoft Exchange servers.
The most recent round of assaults, discovered in mid-March 2022, is reported to have targeted businesses in the energy, healthcare, legal, and pharmaceutical industries.