Batu69 Posted July 25, 2016 Share Posted July 25, 2016 Microsoft has pulled apart a current malware campaign, and is warning against e-mails with a double-dotted script file attached. The Nemucod malware isn't new, but what Redmond discusses in this Technet post is a wrinkle designed to trap unwary eyes: a Windows Script File (wsf) attachment with an extra dot in the file extension – ..wsf instead of .wsf. [See! The headline isn't a tyop - Ed] Describing it as “social engineering for unsuspecting eyes”, Microsoft's post says the attack arrives as a .zip file, and the file list (containing the payload) pops up when viewed in an archive viewer. Microsoft says the double-dotting is probably meant to make someone think it was just a long filename that's been truncated by the system. As in past Nemucod campaigns, the payload is designed to install either the Locky or Cerber ransomware. Up-to-date malware protection should be blocking the attack, Microsoft's post states. Article source Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.