ZDNet reports that Microsoft Windows users are being targeted by a new phishing campaign involving a malicious attachment deploying the AveMariaRAT, PandoraHVNC, and BitRAT malware strains.
Threat actors behind the attack have been sending an initial phishing message purporting to be a trusted payment report that lures recipients into opening the attached Excel document, which has macros that if opened will trigger malware delivery, a Fortinet report revealed.
Researchers also discovered that the malware is being fetched through Visual Basic Application scripts and PowerShell, with the latter being divided into three to facilitate the delivery of the three malware strains.
Attackers could then leverage the malware to allow the theft of user credentials, bank information, and other sensitive data, with BitRAT noted to enable total Windows system takeovers.
However, the report did not elaborate on why the campaign needed to deliver three different malware payloads. Users have been urged to be more vigilant of emails claiming to have valuable attachment-stored data to prevent such attacks.
Malware-free intrusions have become the leading cybersecurity threat against small- to medium-sized businesses, accounting for 56% of all cyber incidents during the third quarter, SiliconAngle reports.
Four high-severity Microsoft Exchange flaws reported by Trend Micro's Zero Day Initiative were noted by Microsoft to have been addressed or not need immediate servicing as required authentication would significantly reduce their odds of being exploited, SecurityWeek reports.
Email security: The current threat landscape, the latest tools/techniques
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news