OfflRouter virus causes Ukrainian users to upload confidential documents to VirusTotal
April 17, 2024, 12:25 p.m. | MalBot
Malware Analysis, News and Indicators - Latest topics malware.news
- During a threat-hunting exercise, Cisco Talos discovered documents with potentially confidential information originating from Ukraine. The documents contained malicious VBA code, indicating they may be used as lures to infect organizations.
- The results of the investigation have shown that the presence of the malicious code is due to the activity of a rare multi-module virus that’s delivered via the .NET interop functionality to infect Word documents.
- The virus, named OfflRouter, has been active in Ukraine since 2015 and remains active …