A surge of malspam campaigns has been recently attributed to Emotet botnet. Taking advantage of password-protected archive files, the notorious trojan drops CoinMiner and Quasar RAT on the systems it takes over. In an attack chain detected by Trustwave SpiderLabs researchers, an invoice-themed ZIP file lure was found to contain a nested self-extracting (SFX) archive, with the first archive […]
The post Emotet Botnet Drops Malware via Self-Unlocking Password-Protected RAR Files appeared first on Heimdal Security Blog.
Leer másHeimdal Security Blog
