Malicious PDFs Flood the Web, Lead to Password-Snarfing threatpost.com - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from threatpost.com Daily Mail and Mail on Sunday newspapers.
The group behind the massive SolarWinds hacks has also been running a sophisticated email-based spear-phishing campaign, according to Microsoft. In a blog post by company VP Tom Burt, he said the Microsoft Threat Intelligence Center (MSTIC) has detected a wave of cyberattacks by the group called Nobelium against government agencies, think tanks and non-governmental organizations. Nobelium apparently sent out 3,000 emails to 150 organizations.
Stop opening PDF files you receive in shady emails, Microsoft finds malware hidden in them
Hackers are targeting people who have compromised email accounts and luring them with payment-related emails.
Shubham Verma | May 26, 2021 | Updated 12:41 IST
Highlights
Hackers use the Trojan malware called StrRAT to target compromised email accounts.
Microsoft has said its Microsoft 365 Defender can protect machines against this malware.
If you have a habit of impulsively opening PDFs that you find attached with emails that look shady at best, you need to stop doing that immediately. Microsoft s Security Intelligence has discovered a Trojan malware attack that hackers are using to target people who do not think twice before opening any PDF files attached to emails.
BankInfoSecurity
Compliance
@prajeetspeaks) • May 24, 2021
If the Outgoing Payments PDF is clicked, it downloads the StrRAT. (Source: Microsoft)
Microsoft is warning about a spam campaign that uses an updated variant of Java-based StrRAT malware that steals confidential data while disguising itself as a ransomware infection even though it does not actually encrypt data. This remote access Trojan is infamous for its ransomware-like behavior of appending the file name extension .crimson to files without actually encrypting them, Microsoft s Security Intelligence Team said in a series of tweets on Thursday. The name extension prevents users from opening the file with a double click, enabling the attackers to go for a quick and easy extortion attempt, but Microsoft notes that users can remove the extension to recover their files.
StrRAT Masquerades as Ransomware govinfosecurity.com - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from govinfosecurity.com Daily Mail and Mail on Sunday newspapers.