Spear phish uses Windows HLP files to skirt detection
Researchers have noted an increase in spear phishing targeting numerous industries, primarily in the United States, where malware evades detection by hiding inside Windows help (HLP) files attached to emails.
The HLP files are embedded in attachments that appear to users to be ZIP files. Once the files are opened, however, one of several backdoors will be downloaded, allowing an attacker to carry out a range of feats – from changing users' passwords to logging keystrokes to capturing screenshots or a number of other information-stealing tactics sent from the command-and-control server.
Symantec published a blog post on the threat Monday and disclosed that organizations in the government and the financial and manufacturing sectors were among the targets of the campaign.
- Mon, 2013-05-20 00:37
- Mon, 2013-05-20 00:32
- Mon, 2013-05-20 00:30