FormBook Malware Learns New Trick

Formbook is a commercially available malware service that has come back into action. This is an information stealer that has been available as a service in secret forums since 2016, the latest variants are equipped with new capabilities of obfuscation.

FortiGuard researchers have revealed a new phishing campaign that is targeting personal information while distributing the new form of Formbook. This campaign was performed in order to hack into target systems and steal data from browsers that are commonly used, IM, email clients, FTP clients, etc.

The campaign uses phishing email that contains malicious PowerPoint documents to spread the malware. The email often poses as a reply to an old purchase and lures the victims into opening the file and viewing the whole of the document and video of the document.

The Enhancement in FormBook-

In the latest variant released, the developers have tried to make the analysis of the malware even more difficult and challenging. They have obfuscated the complete code and encrypted all the constant strings. This makes the analysis of the tool difficult for researchers. The names of all classes, variables, methods are randomly generated which does not let the viewer have a clue about its purposes.

Recent Attacks using FormBook-

TrendMicro recently reported that FormBook and several other malware were using several vaccine-related threats during the pandemic to lure the victims.


The FormBook is gaining more efficiency in its work due to the addition of anti-analysis techniques to increase the difficulty in its analysis by researchers. These qualities make the malware a more recurrent threat and demand a closer look by cybersecurity researchers.


By Hrithik Lall

IEMLabs is an ISO 27001:2013 and ISO 9001:2015 certified company, we are also a proud member of EC Council, NASSCOM, Data Security Council of India (DSCI), Indian Chamber of Commerce (ICC), U.S. Chamber of Commerce, and Confederation of Indian Industry (CII). The company was established in 2016 with a vision in mind to provide Cyber Security to the digital world and make them Hack Proof. The question is why are we suddenly talking about Cyber Security and all this stuff? With the development of technology, more and more companies are shifting their business to Digital World which is resulting in the increase in Cyber Crimes.

Leave a comment

Your email address will not be published.

This site is under maintenance,
some features might not work!!!