Two New Malware Campaigns Found
Security researchers at Carbon Black have found two malware campaigns related to the Ursnif malware.
“This attack originally came in via phishing emails that contained an attached Word document with embedded macros; Carbon Black located roughly 180 variants in the wild. The macro would call an encoded PowerShell script and then use a series of techniques to download and execute both a Ursnif and GandCrab variant,” wrote Carbon Black in a blog report.
Carbon Black has released a detailed overview of the campaigns.
Researchers at Talos have released a list of IOCs (indicators of compromise) to help users detect and mitigate the spread of the malware.
01/29/2019
Related content
- New Ransomware Infects by Using MS Word Macros
- New Fileless Malware Discovered
-
Countering embedded malware attacks
With the resurgence of sophisticated macro virus attacks, new countermeasures are in order. We offer a few recommendations. - Vulnerable Docker Instance Sought Out by Monero Malware
- Attackers Buy Real Ads for Fake Websites
Topics
12.04 LTS
16 cores
8 cores
AMD
AMD-V
AMI
ARB
Active Directory
Administration
Amazon AWS
Amazon CloudFront
Amazon Machine Images
Anaconda
Analytics
Ansible
Apache
Apache Deltacloud
Apache benchmarking tool
ab
acceleration
acquisition
admin tools
agedu
alert
amazon
analysis
analysis
anticipatory
application performance