"A massive malware campaign pushed the Java-based STRRAT remote access trojan (RAT), known for its data theft capabilities and the ability to fake ransomware attacks... In a series of tweets, the Microsoft Security Intelligence team outlined how this 'massive email campaign' spread the fake ransomware payloads using compromised email accounts. The spam emails lured the recipients into opening what looked like PDF attachments but instead were images that downloaded the RAT malware when clicked... ... The STRRAT malware is designed to fake a ransomware attack while stealing its victims' data in the background." https://www.bleepingcomputer.com/ne...ve-malware-campaign-delivers-fake-ransomware/
Wait, what? https://www.bleepstatic.com/images/news/u/1109292/2021/STRRAT-spam-email.png That looks damn realistic. And even after you download, it's an IMAGE? That infects you? Whaaaaaaaaaaaat. If I've learned anything, it's to not download any file from email (unless your friend just called you to tell you he'll send you something and you receive it instantly). They make it look EXACTLY like a PDF, and even after you download it, apparently it's an image that contains a virus. Waaaaaat.
The .pdf attachment is actually a .jar file. Assume a double suffix is being deployed, e.g. *.pdf.jar. Unless you have the Java runtime installed, the .jar file attachment won't open, i.e. run. -EDIT- Also, per the GData write-up, it is noted that Outlook by default blocks opening of .jar attachments.
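
Added example, not part of the thread or of any cited write-up: a mail-triage check for the double-suffix trick described in the post above. It flags attachments whose name ends in a document suffix followed by a runnable one, and attachments whose bytes are a JAR (a ZIP with a manifest) whatever the name says. The extension lists, function names and sample message are assumptions constructed for illustration.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage
from pathlib import PurePosixPath

DECOY_EXTS = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".png", ".jpg"}  # assumed list
RUNNABLE_EXTS = {".jar", ".js", ".vbs", ".exe", ".scr"}                  # assumed list

def looks_like_jar(data):
    """A JAR is a ZIP archive carrying META-INF/MANIFEST.MF."""
    if not zipfile.is_zipfile(io.BytesIO(data)):
        return False
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        return "META-INF/MANIFEST.MF" in zf.namelist()

def triage(raw):
    """Return [(filename, [reasons])] for every attachment in a raw message."""
    msg = message_from_bytes(raw, policy=policy.default)
    findings = []
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        # Windows drops trailing dots and spaces, so ignore them when reading suffixes
        suffixes = PurePosixPath(name.rstrip(" .").lower()).suffixes
        data = part.get_payload(decode=True) or b""
        reasons = []
        if (len(suffixes) >= 2 and suffixes[-2] in DECOY_EXTS
                and suffixes[-1] in RUNNABLE_EXTS):
            reasons.append("double-extension")
        if looks_like_jar(data):
            reasons.append("jar-content")
        findings.append((name, reasons))
    return findings

def build_sample():
    """Constructed test message: one disguised JAR, one real PDF, one JAR named .pdf."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("META-INF/MANIFEST.MF", "Manifest-Version: 1.0\n")
    msg = EmailMessage()
    msg["Subject"] = "constructed sample"
    msg.set_content("See attached.")
    msg.add_attachment(buf.getvalue(), maintype="application",
                       subtype="octet-stream", filename="payment.pdf.jar")
    msg.add_attachment(b"%PDF-1.4\n%constructed\n", maintype="application",
                       subtype="pdf", filename="report.v2.pdf")
    msg.add_attachment(buf.getvalue(), maintype="application",
                       subtype="pdf", filename="scan.pdf")
    return msg.as_bytes()

if __name__ == "__main__":
    for name, reasons in triage(build_sample()):
        print(name, reasons or "ok")
```

The content check matters because the name check alone misses a JAR that has been renamed to a single harmless-looking suffix.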