AGENTTESLA, WORD ATTACKS EVADE DETECTION

Recent Campaign Unveils New Method of Malicious Software Spread

During a recent campaign spreading the AgentTesla malware, attackers used VBA macros in Word documents to carry out their attacks, according to SonicWall specialists. The attack does not rely on a traditional file-based injection approach; instead, the malicious payload is loaded directly into the computer's memory.

The malicious program is controlled through the CLR Hosting mechanism, which enables Windows processes to execute code on the .NET platform. The platform comprises several essential components, such as the .NET execution environment, the .NET class library, and the compilers for programming languages.

.NET technology is widely used for developing diverse applications, ranging from desktop and web apps to mobile applications, games, and web server services.
