silversurfer
Russian-speaking hackers behind Zebrocy malware have changed their technique for delivering malware to high-profile victims and started to pack the threats in Virtual Hard Drives (VHD) to avoid detection. [...]
Windows 10 supports VHD files natively and can mount them as external drives to allow users to view the files within. Last year, security researchers discovered [1, 2] that antivirus engines do not check VHD contents until the disk images are mounted.
Researchers at Intezer discovered at the end of November a VHD uploaded to the VirusTotal scanning platform from Azerbaijan. Inside the image were a PDF file and an executable posing as a Microsoft Word document, which was Zebrocy malware.

Russian hackers hide Zebrocy malware in virtual disk images
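Since the quoted article says antivirus engines did not look inside VHD files until they were mounted, a mail gateway or triage script can at least recognise the container by its on-disk signature, whatever the file is named. The sketch below is an added example, not code from the article or from Intezer; it assumes the published VHD footer layout (cookie `conectix`, disk type at offset 60, checksum at offset 64) and the VHDX signature `vhdxfile`, and the function names are hypothetical.

```python
import struct

VHD_COOKIE = b"conectix"   # first 8 bytes of the 512-byte VHD footer
VHDX_MAGIC = b"vhdxfile"   # first 8 bytes of a VHDX file
DISK_TYPES = {2: "fixed", 3: "dynamic", 4: "differencing"}


def vhd_checksum(footer: bytes) -> int:
    """One's complement of the footer's byte sum, checksum field zeroed."""
    zeroed = footer[:64] + b"\x00" * 4 + footer[68:]
    return ~sum(zeroed) & 0xFFFFFFFF


def classify_disk_image(data: bytes):
    """Return 'vhdx', 'vhd-<type>' or None, ignoring the file name."""
    if data[:8] == VHDX_MAGIC:
        return "vhdx"
    footer = data[-512:]
    if len(footer) == 512 and footer[:8] == VHD_COOKIE:
        # Disk type and stored checksum are big-endian 32-bit fields.
        disk_type, stored = struct.unpack(">II", footer[60:68])
        # Checking the checksum avoids flagging files that merely
        # contain the string "conectix" near their end.
        if stored == vhd_checksum(footer):
            return "vhd-" + DISK_TYPES.get(disk_type, "unknown")
    return None


def build_sample_vhd(disk_type: int = 2, payload: bytes = b"\x00" * 1024) -> bytes:
    """Constructed sample: payload plus a minimal footer with a valid checksum."""
    footer = bytearray(512)
    footer[0:8] = VHD_COOKIE
    struct.pack_into(">I", footer, 60, disk_type)
    struct.pack_into(">I", footer, 64, vhd_checksum(bytes(footer)))
    return payload + bytes(footer)


if __name__ == "__main__":
    print(classify_disk_image(build_sample_vhd()))            # fixed VHD
    print(classify_disk_image(b"%PDF-1.7 constructed bytes"))  # not a disk image
```

A file flagged this way can then be quarantined or unpacked in a sandbox so its contents are scanned before a user mounts it.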