Antivirus just can’t stop this malware- masquerades as a Microsoft Word CV file
Technology

Antivirus just can’t stop this malware- masquerades as a Microsoft Word CV file

By Daisy

This malware, masquerading as a Microsoft Word CV file, can bypass more than 50 antivirus softwares!

An antiviruses is supposed to be a sure-fire way to shield your device from the threat of malware and hackers who are always devising new ways to hijack it! But what if we say that there is malware that can’t even be detected by the most potent antivirus software? That is scary! The latest report by a team of researchers has discovered that such a malware actually exists and it is capable of hiding from more than 50 top antivirus softwares.

This malware is very much capable of spoiling your system was discovered Unit 42 cybersecurity researchers. Unit 42 is a threat intelligence team at Palo Alto Networks. It was first spotted back in May, a TechRadar report suggested. According to the website, BRC4 is “a Customized Command and Control Center for Red Team and Adversary Simulation”. The team at BRC4 suggests that it has employed reverse-engineered popular antivirus products to make sure that its tools can escape any detection via antivirus software.

Researchers have suggested that there are likely state-sponsored actors behind this malware campaign. This is because of its design and the speed at which malware has been distributed to the victim’s system.

How has this dangerous malware been spreading?

This escape-master malware, Unit 42 observed, starts its life as a curriculum vitae (CV) file named Roshan Bandara. But this resume file carries the malware to deliver it to the potential victim’s system. The resume is even being offered as an ISO file, which is a disk image file format. When a user clicks on it, it shows a File Manager window with a single file option named, “Roshan-Bandara_CV_Dialog”.

Normally, the file looks like any other Microsoft Word file, but once a user clicks on the file, it opens as CMD.EXE and runs the OneDrive Updater. And here is how this malware escapes all the antivirus services and installs BRC4 on the system.

Who is exactly behind this malware campaign is still unknown, but researchers suspect it to be the Russian-based APT29 group, which have been known to weaponize ISO files in the past too.

For all the latest Technology News Click Here 

Read original article here

Denial of responsibility! TechAI is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – [email protected]. The content will be deleted within 24 hours.

Daisy 75553 posts 0 comments