Showing only posts from category: Security

Virus Macro

Read more

#Security: Phishing with Macros once again!


And once again! Word files with Macro! But this time, I was the first one to report it to VirusTotal and Hybrid-Analysis! :)

Virus Macro!
Fig 1: VirusTotal report! Just only two: Fortinet sells hardware, and Qihoo-360 is in China (:S)...

Here you have the e-mail. The sender is this time the "BOSS Last Name" (A nice improvement! :P) without address, or something like that!

20171003 virus capture macro min

Read more

#Security: Phishing with Macros once again!


Yesterday I received again an email from an address that should look like my boss email address.

Dienstag, 3. Oktober 2017 08:34
Guten Abend,

In der Anlage das SEPA Formular und die neue Rechnungsanschrift.
http://uk-timber.co.uk/Angebot-OMHZG-046754/


Viele Grüße
Boss Name
Payload Macros Word

Read more

#Security: Phishing with Macros! (updated)


Hi!

Yesterday I received an email from an address that should look like my boss email address. It was something like this: "Boss.Name@our-institute.uni-hannover.de nancy@hillstar.brcoxmail.com" with the subject: Rech QK - 163-DA7666 Riva, Mauro and a text saying:

Guten Tag, Riva, Mauro

Als Anhang erhalten Sie Ihre Rechnung. (something like "You receive your invoice as an attachment.")

Rech:
http://blackbox-es.com/Rechnung-26375407950/ (don't click this link --> read all the post!!!)

Herzliche Grüße (Grüße: Grüße)

boss.name@our-institute.uni-hannover.de