Fake Microsoft Security Office Email Delivers Neutrino Malware
Posted by: Timothy Weaver on 01/12/2017 01:33 PM
Cybersecurity researchers at Malwarebytes are warning of a new spam email campaign to infect victims with the Neutrino exploit kit malware.
The email purports to be from Benedict Brown, representing Microsoft Security Office, claiming that malware has been found on the victim's system and that their banking assets have been blocked due to suspicious requests from their address.
The potential victim is directed to download a report about the suspicious activity, which of course will infect the victim's system with Neutrino malware. Neutrino is capable of data theft via capturing keystrokes, form grabbing and taking screenshots, as well as performing DDoS attacks, making spoofed DNS requests, and downloading additional malware onto the infected machine.
Neutrino is popular with wannabe cyber-criminals because it does not require much experience with malware. In addition, the malware is capable of exploiting vulnerabilities found in programs such as Adobe Reader, Java Runtime Environment, and Adobe Flash Player, all of which suffer from regular security troubles.
The downloaded fake report requires the victim to enable macros for the infection to take place. Malwarebytes is warning users to be wary of emails with attachments and to never enable macros.
Source: ZDNet
