Vidar Spyware is Now Hidden in Microsoft Help Files

by
janrinok
from SoylentNews on (#5XK5S)

upstart writes:

Vidar spyware is now hidden in Microsoft help files:

A new cybercrime campaign has been discovered that abuses Microsoft HTML help files to distribute the Vidar malware.

Cybersecurity researchers from Trustwave reported of a threat actor distributing Vidar through an email spam campaign. In it, the attackers would send a relatively generic-looking email, with the attachment file "request.doc".

That file is not a .doc file, but instead, an .iso disk image, carrying two separate files: a Microsoft Compiled HTML Help file (CHM), often titled pss10r.chm, and an executable file, titled app.exe.

Read more of this story at SoylentNews.

External Content
Source RSS or Atom Feed
Feed Location https://soylentnews.org/index.rss
Feed Title SoylentNews
Feed Link https://soylentnews.org/
Feed Copyright Copyright 2014, SoylentNews
Reply 0 comments