Good news ! Hackbusters community is waiting for you !  https://discuss.hackbusters.com
KnowBe4 has been running the HackBusters site for a few years now, providing you with trending IT security news. We are expanding it and have launched a new exciting online community! The forum is divided into four main topics or categories: Social Engineering, Ransomware, Phishing and Security Awareness Training. You are invited to be one of the first to join us at: https://discuss.hackbusters.com.

Heartbreaking Emails: "Love You" Malspam, (Thu, Jan 10th)

Large

Introduction

Malicious spam (malspam) using zipped JavaScript (.js) files as email attachments--this is a well-established tactic used by cyber criminals to distribute malware. I've written diaries discussing such malspam in July 2015, September 2015, and February 2016. I've run across plenty of examples since then, but I've focused more on Microsoft Office documents instead of .js files. I last documented .js-based malspam in May 2018.

Despite my personal focus on malicious Word documents and Excel spreadsheets, waves of malspam using zipped .js files were still happening. So I decided to watch for these .js files as 2019 rolled around.

It didn't take long. Earlier this week, I ran across zipped .js attachments from a wave of malspam. The attachment names all started with Love_You_, and subject lines indicated these were love letters. A quick Twitter search showed this tactic was used to distribute GandCrab ransomware as recently as November 2018. Further research revealed...(continued)

View All Trending Stories