Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror

Submission + - Attackers Turn To Auto-Updating Links Instead Of Macros To Deliver Malware (helpnetsecurity.com)

Orome1 writes: SANS ISC handler Xavier Mertens has flagged and analyzed a malicious Word file that, somehow, is made to automatically download an additional malicious RTF file, ultimately leading to a RAT infection. What is curious about this particular attack is that it uses an approach that Mertens has never encountered before: the file exploits a Microsoft Word feature that can make files automatically update links included in them as soon as they are opened. The Word file tries to access the malicious RTF file and, if it succeeds, the latter downloads a JavaScript payload, which creates a shell object to spawn a PowerShell command and download a malicious PE file – the Netwire RAT.
This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Attackers Turn To Auto-Updating Links Instead Of Macros To Deliver Malware

Comments Filter:

If a thing's worth having, it's worth cheating for. -- W.C. Fields

Working...