Researchers at Bromium have discovered an interesting new malware campaign specifically targeting Italy. Attackers are spamming malicious Excel documents to Italian victims. If you open the malicious Excel document, it leverages Powershell to filelessly begin the infection, but ultimately downloads and executes the Grandcrab family of ransomware. Ironically, the malicious Excel document also uses a Mario image in its payload. Watch today’s Byte to learn more about this threat, and about fileless malware in general.
Episode Runtime: 3:49
Direct YouTube Link: https://www.youtube.com/watch?v=LQVTQpaYBfY
EPISODE REFERENCES:
- Researcher’s post on Mario malware – Bromium
- Malware only targeting Italian machines – CBROnline
- Fileless malware is growing – Tech Republic
—Corey Nachreiner, CISSP (@SecAdept)
Leave a Reply