
Watch out for new malware campaign’s 'Windows 11 Alpha' attachment
2021-09-04 16:35

Relying on a simple recipe that has proved successful time and time again, threat actors recently deployed a malware campaign that used a Windows 11 theme to lure recipients into activating malicious code placed inside Microsoft Word documents.

Security researchers believe that the adversary behind the campaign may be the FIN7 cybercrime group, also known as Carbanak and Navigator, which specializes in stealing payment card data.

Researchers at cybersecurity company Anomali analyzed six such documents and say that the delivered backdoor appears to be a variation of a payload commonly used by the FIN7 group since at least 2018.

The names used in the campaign seem to indicate that the activity may have occurred between late June and late July, a period right around when news about Windows 11 started to emerge on a more regular basis.

Opening the document shows Windows 11 imagery with text designed to trick the recipient into enabling macro content.

The JavaScript is heavily obfuscated, and cleaning it up reveals a backdoor that resembles other backdoors connected to the FIN7 cybercrime group, Anomali researchers say.


News URL

https://www.bleepingcomputer.com/news/security/watch-out-for-new-malware-campaign-s-windows-11-alpha-attachment/