New Attack Uses Fake Icon To Deliver Trojan
Healthcare Info Security
A new malspam campaign is delivering the NanoCore remote access Trojan as a malicious Adobe icon to infect its victims, a new report by security firm Trustwave finds.
The campaign begins with the attackers sending an email with an attachment called "NEW PURCHASE ORDER.pdf*.zipx." The attachment is an Abobe image file in RAR format, which, when unzipped using WinRAR or 72ip, downloads the NanoCore Trojan onto the victims' device.
"The motive behind the campaign is to hide the malicious executable from anti-malware and email scanners by abusing the file format of the ".zipx" attachment, which in this case is an Icon file with added surprises," the report notes.
NanoCore RAT, also known as Nancrat, has been...