
Think you can spot a virus? Hackers are now hiding malware inside files you open every day, like Word documents, ZIP folders, and even images. A new, sophisticated attack is tricking users worldwide.

How the Attack Works:
Hackers are sending phishing emails disguised as “Purchase Orders” from business partners. These emails contain RAR files that hide the first stage of the attack. The malware uses a 4-stage process to avoid detection, including:
Using a weaponized Office document to exploit an old but dangerous vulnerability.
Hiding code inside a normal-looking PNG image hosted on legitimate sites.
Tampering with a trusted, open-source software library from GitHub.
Finally, installing powerful spyware (like PureLog Stealer or AsyncRAT) that steals passwords, crypto wallets, and system data.

How to Protect Yourself & Your Business:
Scrutinize ALL Email Attachments: Be extremely cautious with unexpected files, especially RAR/ZIP archives, Office documents, or image files—even from known contacts.
Update & Patch: Ensure all Windows and Office software is fully updated. Disable the legacy “Equation Editor” component in Office.
Monitor for Suspicious Activity: Watch for unexpected PowerShell processes or system slowdowns.
Use Advanced Email Filtering: This is a critical first line of defense for organizations.
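
One way to turn the "unexpected PowerShell processes" advice into a check, as an added example that is not part of the original article: the function below walks process-creation events and flags any PowerShell process that has an Office program, including the Equation Editor binary EQNEDT32.EXE, anywhere in its parent chain. The field names follow Sysmon Event ID 1; the sample events, file paths, the list of Office binaries and the function names are assumptions made for the illustration.

```python
from pathlib import PureWindowsPath

# Office binaries that have no routine reason to start a shell (assumed list).
# EQNEDT32.EXE is the legacy Equation Editor executable.
OFFICE = {"winword.exe", "excel.exe", "powerpnt.exe", "outlook.exe", "eqnedt32.exe"}
POWERSHELL = {"powershell.exe", "pwsh.exe"}

# Constructed sample events (not real telemetry); field names follow
# Sysmon Event ID 1. Parents "g0" and "s1" are deliberately absent from the log.
SYS32 = "C:\\Windows\\System32\\"
PS = SYS32 + "WindowsPowerShell\\v1.0\\powershell.exe"
OFFICE16 = "C:\\Program Files\\Microsoft Office\\root\\Office16\\"
EQN = "C:\\Program Files\\Common Files\\microsoft shared\\EQUATION\\EQNEDT32.EXE"
SAMPLE_EVENTS = [
    {"ProcessGuid": "g1", "ParentProcessGuid": "g0", "Image": "C:\\Windows\\explorer.exe"},
    {"ProcessGuid": "g2", "ParentProcessGuid": "g1", "Image": OFFICE16 + "WINWORD.EXE"},
    {"ProcessGuid": "g3", "ParentProcessGuid": "s1", "Image": EQN},
    {"ProcessGuid": "g4", "ParentProcessGuid": "g3", "Image": SYS32 + "cmd.exe"},
    {"ProcessGuid": "g5", "ParentProcessGuid": "g4", "Image": PS},  # via cmd.exe
    {"ProcessGuid": "g6", "ParentProcessGuid": "g1", "Image": PS},  # user-launched
    {"ProcessGuid": "g7", "ParentProcessGuid": "g2", "Image": PS},  # direct child
]


def exe_name(image):
    """Lower-cased file name of a Windows image path."""
    return PureWindowsPath(image).name.lower()


def office_spawned_powershell(events, max_depth=8):
    """Return PowerShell processes that have an Office binary as an ancestor."""
    by_guid = {e["ProcessGuid"]: e for e in events}
    findings = []
    for event in events:
        if exe_name(event["Image"]) not in POWERSHELL:
            continue
        chain, seen, cur = [], set(), event
        # Walk up the tree; stop on a missing parent, a loop or the depth limit.
        while cur and cur["ProcessGuid"] not in seen and len(chain) < max_depth:
            seen.add(cur["ProcessGuid"])
            chain.append(exe_name(cur["Image"]))
            cur = by_guid.get(cur["ParentProcessGuid"])
        ancestors = [name for name in chain[1:] if name in OFFICE]
        if ancestors:
            findings.append({"guid": event["ProcessGuid"],
                             "office_ancestor": ancestors[0],
                             "chain": " <- ".join(chain)})
    return findings
```

Calling office_spawned_powershell(SAMPLE_EVENTS) reports g5 and g7 and leaves the PowerShell window the user opened from Explorer (g6) alone. Checking the whole chain rather than only the direct parent is what catches g5, where cmd.exe sits between the Equation Editor and PowerShell.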