CySecurity News – Latest Information Security and Hacking Incidents
Vidar spyware has been discovered in a new phishing campaign that exploits Microsoft HTML help files. The spyware is hidden in Microsoft Compiled HTML Help (CHM) files to bypass detection in email spam campaigns, Trustwave cybersecurity expert Diana Lopera stated.
Vidar is Windows spyware and an information stealer capable of harvesting both user data and data on the operating system, cryptocurrency account credentials as well as payment details such as credit card details.
While threat actors often distribute malware via spam and phishing campaigns, Trustwave researchers have also uncovered the C++ malware being deployed via the pay-per-install PrivateLoader dropper, and the Fallout exploit kit.
According to researchers, threat actors employ an age-old strategy of tricking people to download seemingly innocent files that are actually malicious. The malicious files contain a generic subject line and an attachment, “request.doc,” which is actually a .iso disk image. The .iso contains two separate files: a Microsoft-compiled HTML help file (CHM), often titled pss10r.chm, and an exec
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
Read the original article: