Distribution of Malicious Excel Files Targeting Companies Amid Black Friday Season Posted By jcleebobgatenet , November 30, 2021 Malicious Excel files are being distributed to companies amid the Black Friday season. The email confirmed today (Nov 25th) is an email reported by the attacked company in Korea. Attached to the email is an Excel file that contains an Excel 4.0 Macro (XLM) macro sheet in the form of the XLSB excel binary. It checks whether the system is a domain controller then activates additional malicious features. The filename of the attached Excel file has a format of ‘promo…
APT Attacks on Domestic Companies Using Library Files Posted By jcleebobgatenet , June 4, 2021 Recently, there have been continuous attacks targeting domestic companies. Most of the malicious files collected from the companies’ breached systems have been dynamic library (DLL) files, but the files used in the attacks this time are different from general DLL files. The collected files had their normal libraries modified maliciously through a variety of methods. It has not been found how the malicious files were created in the system and what the initial attack path was. Also, due to the…
