McAfee Labs

Macro Malware Associated With Dridex Finds New Ways to Hide

Macro malware is on the upswing and cybercriminals are always searching for new ways to deceive users and evade detection. McAfee Labs recently discovered a W97M/Downloader variant that uses a new technique to obfuscate its malicious intentions. Almost one year ago, we discovered Microsoft Office XML documents containing compressed MSO ActiveMime objects. These objects extract an encrypted OLE …

McAfee Labs

Update to Gate.Worm File Infector Hijacks Files

Parasitic malware has always been a headache. Valid files on the host computer are transformed using different techniques into malware by adding malicious code to them. Most of the time, the users affected by this kind of malware continue using their applications without realizing they are infected. The malware authors take care to transfer control back to the legit …

McAfee Labs

‘Banking’ Malware Dridex Arrives via Phishing Email

Microsoft Office scripting malware has become more and more common and aggressive lately as malware authors constantly develop new techniques to evade detection and deceive users. This kind of malware, as mentioned in previous posts, usually arrives as an attached document within a phishing email. After the “document” is opened, it downloads the second-stage payload, …