Wednesday, June 3, 06:17

Hackers run malicious scripts using MSI files

Hackers are very inventive when they want to carry out an attack. They constantly search for vulnerabilities, "hack" files to serve their purposes, and much more. This time, some hackers are using malicious MSI files that download and run malicious files that bypass conventional security systems.

The malware can shut down systems, and it targets financial systems located in specific locations.

As the security company Trend Micro discovered, hackers delivered malicious *.msi files through spam emails. The malicious files contained JScript/VBScript.

The malicious JS code is embedded in the *.msi file and downloads the text file and other files from an Amazonaws server. Typically, the files contained in the malware have names like Jesus or dump. The text file is called desktop.txt, desktop, or desktop.ini.

First, a spam email containing a malicious attachment is sent to the victim. If the victim opens the attachment, their system is infected.

According to the research, the hackers are targeting users in Brazil and Portugal, mainly financial institutions and institutions for the purpose of posting information.

Hackers use MSI files to bypass the security solutions used by most organizations. The MSI files masquerade as Adobe Acrobat Reader DC and direct users to a Portuguese website.

Researchers believe that the hackers use different methods against their victims in Brazil and Portugal.
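
For the delivery chain described above (spam email, *.msi attachment, embedded JScript/VBScript), a mail-gateway triage check that recognises Windows Installer packages by content rather than by file extension and reports script-host strings inside them. This is an example added here, not code from Trend Micro or from this site; the marker list, function names and the sample message are assumptions constructed for illustration.

```python
import email, email.policy, struct
from email.message import EmailMessage

OLE_MAGIC = bytes.fromhex("d0cf11e0a1b11ae1")            # OLE compound file signature
# CLSID {000C1084-0000-0000-C000-000000000046} (Windows Installer package), on-disk byte order
MSI_CLSID = bytes.fromhex("84100c0000000000c000000000000046")
# Assumed heuristic markers of JScript/VBScript content; not taken from the article
MARKERS = ["ActiveXObject", "WScript.Shell", "CreateObject", "XMLHTTP"]

def is_msi(data):
    """True if data is an OLE compound file whose root entry carries the MSI CLSID."""
    if len(data) < 512 or data[:8] != OLE_MAGIC:
        return False
    (shift,) = struct.unpack_from("<H", data, 30)        # sector size = 1 << shift
    (first_dir,) = struct.unpack_from("<I", data, 48)    # first directory sector
    if shift not in (9, 12):
        return False
    root = (first_dir + 1) << shift                      # sector N starts after the header sector
    return data[root + 80:root + 96] == MSI_CLSID        # CLSID sits at offset 80 of the entry

def script_markers(data):
    """Markers found as ASCII or UTF-16LE text anywhere in the package bytes."""
    return [m for m in MARKERS
            if m.encode() in data or m.encode("utf-16-le") in data]

def triage(raw_message):
    """Return (filename, markers) for every attachment that is an MSI by content."""
    msg = email.message_from_bytes(raw_message, policy=email.policy.default)
    findings = []
    for part in msg.iter_attachments():
        data = part.get_payload(decode=True) or b""
        if is_msi(data):
            findings.append((part.get_filename(), script_markers(data)))
    return findings

def sample_message():
    """Constructed input: minimal OLE header + root entry + script text, not a real installer."""
    header, root = bytearray(512), bytearray(512)
    header[:8] = OLE_MAGIC
    struct.pack_into("<H", header, 30, 9)
    struct.pack_into("<I", header, 48, 0)
    root[80:96] = MSI_CLSID
    payload = bytes(header + root) + b'var sh = new ActiveXObject("WScript.Shell");'
    msg = EmailMessage()
    msg["Subject"] = "constructed sample"
    msg.set_content("see attachment")
    msg.add_attachment(payload, maintype="application",
                       subtype="octet-stream", filename="sample.msi")
    return msg.as_bytes()
```

Scripts stored inside compressed cabinet streams will not match a plain byte search, so an empty marker list is not a clean verdict; the MSI-by-content match alone is worth quarantining for review at a mail gateway.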


Absent Mia