Friday 24 April 2020, Security guide
Infected E-pity software variant
Lost24
CERT Poland warns people who have not yet settled their accounts with the tax authorities about a modified version of E-pity, the software for filling in the PIT declaration.
Cybercriminals have modified the E-pity software and embedded in it an additional module from the Zloader family. Accessing the epity2020[.]pl domain is associated with an attempt to install banker-type malware, which targets online banking. According to CERT, the malware contains fabricated schemas for multiple Polish banks.
According to CERT Poland, when the site is visited from an Android device, an attempt is made to install on that platform an application containing malicious code: malware from the Cerberus family.
The “password for archive” bit on the Epity[.]pl website should be worrying; according to Sekurak, this is a deliberate attempt to confuse the anti-virus software.
The domain used in the attack is already listed on the CERT Poland warning list.