all InfoSec news
OfflRouter virus causes Ukrainian users to upload confidential documents to VirusTotal
April 17, 2024, 12:25 p.m. | MalBot
Malware Analysis, News and Indicators - Latest topics malware.news
- During a threat-hunting exercise, Cisco Talos discovered documents with potentially confidential information originating from Ukraine. The documents contained malicious VBA code, indicating they may be used as lures to infect organizations.
- The results of the investigation have shown that the presence of the malicious code is due to the activity of a rare multi-module virus that’s delivered via the .NET interop functionality to infect Word documents.
- The virus, named OfflRouter, has been active in Ukraine since 2015 and remains active …
cisco cisco talos code confidential documents exercise hunting infect information investigation malicious may offlrouter organizations presence results talos threat ukraine ukrainian upload vba virus virustotal
More from malware.news / Malware Analysis, News and Indicators - Latest topics
What the Biggest-Ever Botnet Takedown Means
1 day, 8 hours ago |
malware.news
Nearly 6M WordPress sites may be affected by bugs in 3 plug-ins
1 day, 11 hours ago |
malware.news
Jobs in InfoSec / Cybersecurity
CyberSOC Technical Lead
@ Integrity360 | Sandyford, Dublin, Ireland
Cyber Security Strategy Consultant
@ Capco | New York City
Cyber Security Senior Consultant
@ Capco | Chicago, IL
Sr. Product Manager
@ MixMode | Remote, US
Security Compliance Strategist
@ Grab | Petaling Jaya, Malaysia
Cloud Security Architect, Lead
@ Booz Allen Hamilton | USA, VA, McLean (1500 Tysons McLean Dr)