The experts of the company Proofpoint found out the malicious program which used the payment service PayPal. The intention was to spread bank malware Chthonic. Attackers use hacked or new users’ accounts for sending e-mail messages as if the staff of the service did it requesting to pay back the money sent to the account by mistake.
The cash call service allows attaching the message where attackers can add personal information or a malicious link. In this case there are two ways. The first one implies that the user may become a victim and lose 100%; the second one is to download the virus on your computer.
The consequences are not great. According to the analysis, clickthrough was 27 times. The company PayPal has been informed already.