Blog | G5 Cyber Security

What the Shell? New Security Breach Uses CHM Files to Cover Banking Trojans

A Brazilian-based email attack masquerades as an email from WhatsApp, then runs PowerShell commands to download and install financial malware. A more traditional Java archive (JAR)-based attack is also ramping up in Brazil. From macro-based attacks to side-loading Dynamic Link Libraries (DLLs) and running PowerShell scripts, attackers are always looking for new ways to fool security tools and fly under the radar. If users refuse to click through to malicious email attachments and open files they arent expecting, attackers lose their edge.”]

Source: https://securityintelligence.com/news/what-the-shell-new-security-breach-uses-chm-files-to-cover-banking-trojans/

Exit mobile version