Quantcast
Channel: CodeSection,代码区,网络安全 - CodeSec
Viewing all articles
Browse latest Browse all 12749

Happy Mal-idays

0
0

We’re currently in a season to celebrate especially for attackers. It’s the perfect opportunity to take advantage of people distracted by the holidays and slip malicious content into the ever so tempting array of holiday emails.

Below is an example of a series of attacks we caught for an enterprise client, specifically leveraging Thanksgiving and Black Friday. You can be sure the same attackers will leverage Christmas, Hannukah, New Year’s and more.

How the attack works .

The user receives a mail promoting an irresistible deal or containing a very considerate e-card from a colleague or family member. The content is very tempting to open, and taps into the user’s holiday or shopping-spirit to get him to click.

Holiday-themed Email Examples .

In the examples below, the attacker is wishing the target a Happy Thanksgiving and tempting him to click on the attachment.


Happy Mal-idays
Happy Mal-idays
New malicious files .

At the time of writing this post, not only were the emails very tricky but the attached files were also new and not recognized by the traditional security solutions in Virus Total. Since they are unknown, the files can easily bypass mainstream solutions. If the user opens the file and clicks ALLOW, Macro code will activate and execute malicious code on the host.

New file names and hashes .

DOC-Q72443.doc 428d616dc708592fe978ecb25e9d2593762db5c3eca7b350f46084dc48076e94

DOC-Q72443.doc 428d616dc708592fe978ecb25e9d2593762db5c3eca7b350f46084dc48076e94

INV918.doc b904c6c92dd640a65c1edf0daabe943bc60061d42e14eeb76cd447de298c51d6

Untitled-11202018-204280.doc e83df82be141afc35094bb5aafb315ebd8bc4c441f7d36482b8843af7b6e08bb

Perception Point detected these with our proprietary HAP technology that detects advanced threats.

Learn More


Viewing all articles
Browse latest Browse all 12749

Latest Images

Trending Articles





Latest Images