๐ Windows PCs Infected with Backdoor Trojan via Microsoft Publisher Files
๐ก Newskategorie: IT Security
๐ Quelle: news.softpedia.com
Bitdefender security researchers say they've uncovered a spam flood spreading booby-trapped Microsoft Publisher (PUB) files laced with a new trojan that opens a backdoor on infected computers. The company says it detected a few thousands of these emails in a short period, all containing .pub files attached to the email messages. The spam itself claimed to come from various brands in the UK and China and tried to pass as orders and invoices. PUB file -> VBScript -> AutoIt script -> Backdoor Trojan The attached PUB file, when opened, would trigger a VBScript that downloads a self-extracting cabinet (CAB) file on the user's PC. This file contains an AutoIt script, a tool for running the AutoIt script, and a file encrypted with the AES-256 algorithm. Bitdefender's team noticed that a string from the AutoIt script serves as the decryption key for the latter file. The encrypted file is actually a backdoor trojan that allows crooks to connect to the i... ...