Cybercriminals are exploiting fake invoices to spread XWorm, a trojan that quietly compromises user data. Victims open email attachments containing a .vbs file that executes malicious code without warnings. Once activated, XWorm gives attackers full control, enabling the recording of keystrokes, data theft, and the installation of additional threats.
Malwarebytes has identified the attachment as Backdoor.XWorm, which operates on a malware-as-a-service model, increasing the threat from less skilled attackers. The attack’s execution involves multiple layers of obfuscation, including an initial .vbs script dropping a batch file that ensures persistence. This sophisticated method uses techniques to hide execution and avoids detection, highlighting the evolving complexities of contemporary cyber threats.
👉 Pročitaj original: Cyber Security News
