Hackers have discovered a new technique to introduce malware to your computer | #computerhacking | #hacking

HP Wolf Security cybersecurity experts have discovered a new cybercrime campaign that uses PDF files to spread the Snake Keylogger to unprotected endpoints.

First, the threat actors would send an email with the subject line “Remittance Invoice” to fool the victims into thinking they’d get compensated for something.

The email would include a PDF attachment, which would reassure the recipient of the email’s trustworthiness, while Word or Excel files are usually suspect.

The PDF does, however, include a Word document titled “has been validated.” When the victim opens the attachment, they are given the option of opening the second file or not.

This might trick the victim into believing their PDF reader scanned the file and that it’s good to go.

The message says “The file ‘has been verified’ However PDF, jpeg, xlsx, docx files may contain programs, macros, or viruses.”

The Word file, expectedly, comes with a macro that, if enabled, will download a rich text format (RTF) file from a remote location, and run it. The file would then try to download the Snake Keylogger, malware described by BleepingComputer as a “modular info-stealer with powerful persistence, defense evasion, credential access, data harvesting, and data exfiltration capabilities”.

The target endpoints still need to be vulnerable to a specific flaw, if the attack is to be successful. Researchers have found that the attackers are trying to leverage CVE-2017-11882, a remote code execution bug in Equation Editor.

The flaw was patched in November 2017, but not all device administrators keep their operating systems up to date. Allegedly, it was one of the most popular vulnerabilities to exploit in 2018, due to organizations and consumers being relatively slow to patch it up.

News Summary:

  • Hackers have discovered a new technique to introduce malware to your computer
  • Check all covering from the latest tech news updates.

Original Source link

Leave a Reply

Your email address will not be published.

+ four = fourteen