silversurfer
Russian-speaking hackers behind Zebrocy malware have changed their technique for delivering malware to high-profile victims and started to pack the threats in Virtual Hard Drives (VHD) to avoid detection. [...]
Windows 10 supports VHD files natively and can mount them as external drives to allow users to view the files within. Last year, security researchers discovered [1, 2] that antivirus engines do not check VHD contents until the disk images are mounted.
Researchers at Intezer discovered at the end of November a VHD uploaded to the VirusTotal scanning platform from Azerbaijan. Inside the image were a PDF file and an executable posing as a Microsoft Word document, which is Zebrocy malware.
Russian hackers hide Zebrocy malware in virtual disk images
www.bleepingcomputer.com
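A gateway-side check that follows from the point about engines not inspecting VHD contents until the image is mounted: recognize the container by its footer instead of its file extension, and hold it for a scan after mounting. This is an added example, not part of the original post or the quoted article; the `triage` verdict strings and the sample image are constructed, and the footer layout follows Microsoft's VHD format specification.

```python
import struct

FOOTER_LEN = 512          # VHD footer occupies the last 512 bytes of the file
COOKIE = b"conectix"      # footer magic at offset 0
DISK_TYPES = {2: "fixed", 3: "dynamic", 4: "differencing"}


def footer_checksum(footer: bytes) -> int:
    """One's complement of the byte sum, with the checksum field (64..67) zeroed."""
    zeroed = footer[:64] + b"\x00" * 4 + footer[68:]
    return ~sum(zeroed) & 0xFFFFFFFF


def inspect_vhd(data: bytes):
    """Return footer facts if data ends in a VHD footer, else None."""
    if len(data) < FOOTER_LEN:
        return None
    footer = data[-FOOTER_LEN:]
    if footer[:8] != COOKIE:
        return None
    (current_size,) = struct.unpack_from(">Q", footer, 48)   # big-endian fields
    disk_type, stored = struct.unpack_from(">II", footer, 60)
    return {
        "disk_type": DISK_TYPES.get(disk_type, f"unknown({disk_type})"),
        "virtual_size": current_size,
        "checksum_ok": stored == footer_checksum(footer),
    }


def triage(filename: str, data: bytes) -> str:
    """Hypothetical gateway verdict; filename is ignored so a rename changes nothing."""
    if inspect_vhd(data) is None:
        return "pass"
    # Even a footer with a bad checksum is treated as a disk image.
    return "hold-for-mounted-scan"


def make_sample_vhd(body: bytes) -> bytes:
    """Constructed sample: body plus a fixed-disk footer with a valid checksum."""
    footer = bytearray(FOOTER_LEN)
    footer[0:8] = COOKIE
    struct.pack_into(">Q", footer, 48, len(body))   # current size
    struct.pack_into(">I", footer, 60, 2)           # disk type: fixed
    struct.pack_into(">I", footer, 64, footer_checksum(bytes(footer)))
    return body + bytes(footer)
```
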