Cyber security warning: BazarBackdoor
Beware of the recent BazarBackdoor exploit. The malware works by sending an email which contains a link to a PDF file. The email may reference a customer complaint.
According to Sophos the link may appear like this and be to a URL referencing Adobe:
The link actually leads to the Win 10 application installer (used by the Microsoft store) and the recipient will be prompted to install an ‘Adobe PDF Component’.
The app installer file comes with its own doctored digital certificate.
Amongst other things BazarBackdoor runs PowerShell to get the IP address of your network.
Kommentare