![]() Tags: AgentTesla, RAT, MaaS, Malware-as-a-Service, VBA macro, Banking And Finance MITRE ATT&CK: Input Capture - T1056 | Remote Access Tools - T1219 Thus, any such file attachment sent by unknown senders should be viewed with the utmost scrutiny, and the attachments should be avoided and properly reported to appropriate personnel. If such a file is sent to you via a known and trusted sender, that individual should be contacted to verify the authenticity of the attachment prior to opening. Attackers use this remote access trojan (RAT) as MaaS (Malware-as-a-Service) to steal user credentials and other information from victims through screenshots, keylogging, and clipboard captures.Īnalyst Comment: Files that request content be enabled to properly view the document are often signs of a phishing attack. Upon opening the malicious attachment, the VBA macro executes to deliver variants of AgentTesla which is a well-known password stealer. In this campaign, the spam email comes with a PowerPoint file as an attachment. ![]() The sentiment used here is finance related themes such as purchase orders. McAfee Labs researchers have observed a new phishing campaign that utilizes macro capabilities available in Microsoft PowerPoint. Malicious PowerPoint Documents On The Rise
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |