all InfoSec news
Distribution of MSIX Malware Disguised as Notion Installer
Malware Analysis, News and Indicators - Latest topics malware.news
An MSIX malware disguised as the Notion installer is being distributed. The distribution website looks similar to that of the actual Notion homepage.
Figure 1. Website that distributes malware
The user gets a file named ‘Notion-x86.msix’ upon clicking the download button. This file is Windows app installer, and it is signed with a valid certificate.
Figure 2. The signature information of the malicious installer
The user gets the following pop-up upon running the file. Upon clicking the Install button, Notion …
app app installer button clicking disguised distributed distribution download file installer malware malware analysis msix notion website windows x86