Skip to main content

Posts

Showing posts with the label Malware Distribution Channel

Attackers rely on Google Sheets to spread malware through CSV files

  The malware appears to be a variant of the infamous NanoCore trojan. CSV files containing the malware payload circumvent Google filters using Google Sheets as a distribution method. A unique malware that uses Google Sheets has been discovered by well-known cyber security researcher Marco Ramili. The malware is found to be an improved version of the NanoCore RAT detected in 2014. It seems that attackers write malicious code in the cells of CSV files to automatically inject the system with the malware. Ramili who received a spam mail containing this CSV file,  mentioned  that one of the cells had an executable command. “A series of empty fields preceding a final and fake formula piping a CMD.exe command is spawned. By using the bitsadmin technique the attacker downloads a file called now.exe and stores it into a temporary system folder for later execution,” he said. Google Sheets as a malware vector Earlier, attackers relied on desktop applications such as Microsoft