Monday, April 24, 2017

Ransomware hidden inside a Word document that’s hidden inside a PDF

From Sophos Naked Security:

Ransomware hidden inside a Word document that’s hidden inside a PDF

"SophosLabs has discovered a new spam campaign where ransomware is downloaded and run by a macro hidden inside a Word document that is in turn nested within a PDF, like a Russian matryoshka doll. The ransomware in this case appears to be a variant of Locky.

Most antivirus filters know how to recognize suspicious macros in documents, but hiding those document inside a PDF could be a successful way to sidestep it, according to SophosLabs researchers.
"

No comments:

Post a Comment