Recent Formbook malware attacks have used weaponized ZIP files and layered scripts to bypass security measures. The attack starts with phishing emails that contain ZIP archives holding VBS scripts designed to resemble payment confirmations. When executed, these scripts start a multi-stage infection chain that passes through several scripting languages, including PowerShell, and ends with Formbook installed on the victim system.
Security researchers at the Internet Storm Center noted how ineffective conventional antivirus solutions are against this threat: only 17 out of 65 antivirus tools could detect the initial script. The low detection rate reflects the obfuscation techniques the malware authors use. Each phase of the attack is crafted to circumvent standard security checks, which complicates analysis by security teams. In its final stage, the malware connects to a command server to receive further instructions, which underscores the ongoing challenges faced in cybersecurity.
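Because signature detection of the initial script was weak, a mail gateway can instead gate on attachment content type. The following is an added example, not code from the Internet Storm Center or the original article: it lists script-type members inside a ZIP attachment, including ones in nested archives. The extension list, the depth and size limits, and all function and file names are assumptions, and the sample archive is constructed.

```python
import io
import zipfile
from pathlib import PurePosixPath

# Assumption: extensions a gateway treats as directly executable scripts.
SCRIPT_EXTS = {".vbs", ".vbe", ".js", ".jse", ".wsf", ".wsh", ".ps1", ".bat", ".cmd", ".hta"}
MAX_DEPTH = 3                        # assumed limit on nested-archive recursion
MAX_NESTED_BYTES = 20 * 1024 * 1024  # assumed cap before unpacking a nested ZIP

def find_script_members(data, depth=0, prefix=""):
    """Return one finding per script-type member of a ZIP, recursing into nested ZIPs."""
    findings = []
    try:
        zf = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return findings  # not a ZIP: nothing to report
    with zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            name = info.filename.replace("\\", "/")
            suffixes = PurePosixPath(name.lower()).suffixes
            ext = suffixes[-1] if suffixes else ""
            encrypted = bool(info.flag_bits & 0x1)  # bit 0 marks an encrypted member
            if ext in SCRIPT_EXTS:
                # double_ext is a heuristic for names such as "invoice.pdf.vbs"
                findings.append({"path": prefix + name, "ext": ext,
                                 "double_ext": len(suffixes) > 1, "encrypted": encrypted})
            elif (ext == ".zip" and depth < MAX_DEPTH and not encrypted
                  and info.file_size <= MAX_NESTED_BYTES):
                findings.extend(find_script_members(zf.read(info), depth + 1, prefix + name + "!"))
    return findings

def build_sample():
    """Constructed sample: inert text files named like the lure described above."""
    inner = io.BytesIO()
    with zipfile.ZipFile(inner, "w") as z:
        z.writestr("Payment_Confirmation.pdf.vbs", "' constructed placeholder\n")
    outer = io.BytesIO()
    with zipfile.ZipFile(outer, "w") as z:
        z.writestr("readme.txt", "constructed sample\n")
        z.writestr("docs/Payment_Confirmation.vbs", "' constructed placeholder\n")
        z.writestr("archive.zip", inner.getvalue())
    return outer.getvalue()

if __name__ == "__main__":
    for finding in find_script_members(build_sample()):
        print(finding)
```

Encrypted nested archives are skipped rather than opened, so a gateway policy would need to quarantine or flag those separately.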
👉 Read the original: Cyber Security News