Antivirus just can't stop this malware- masquerades as a Microsoft Word CV file | Tech News

Antivirus just can't stop this malware- masquerades as a Microsoft Word CV file

This malware, masquerading as a Microsoft Word CV file, can bypass more than 50 antivirus softwares!

| Updated on: Aug 22 2022, 13:40 IST
Online threat actors have used an ISO file to seed this malware on victims' systems. (HT_PRINT)

An antiviruses is supposed to be a sure-fire way to shield your device from the threat of malware and hackers who are always devising new ways to hijack it! But what if we say that there is malware that can't even be detected by the most potent antivirus software? That is scary! The latest report by a team of researchers has discovered that such a malware actually exists and it is capable of hiding from more than 50 top antivirus softwares.

This malware is very much capable of spoiling your system was discovered Unit 42 cybersecurity researchers. Unit 42 is a threat intelligence team at Palo Alto Networks. It was first spotted back in May, a TechRadar report suggested. According to the website, BRC4 is "a Customized Command and Control Center for Red Team and Adversary Simulation". The team at BRC4 suggests that it has employed reverse-engineered popular antivirus products to make sure that its tools can escape any detection via antivirus software.

You may be interested in

MobilesTablets Laptops
7% OFF
Apple iPhone 15 Pro Max
  • Black Titanium
  • 8 GB RAM
  • 256 GB Storage
28% OFF
Samsung Galaxy S23 Ultra 5G
  • Green
  • 12 GB RAM
  • 256 GB Storage
Google Pixel 8 Pro
  • Obsidian
  • 12 GB RAM
  • 128 GB Storage
Apple iPhone 15 Plus
  • Black
  • 6 GB RAM
  • 128 GB Storage

Researchers have suggested that there are likely state-sponsored actors behind this malware campaign. This is because of its design and the speed at which malware has been distributed to the victim's system.

Also read
Looking for a smartphone? To check mobile finder click here.

How has this dangerous malware been spreading?

This escape-master malware, Unit 42 observed, starts its life as a curriculum vitae (CV) file named Roshan Bandara. But this resume file carries the malware to deliver it to the potential victim's system. The resume is even being offered as an ISO file, which is a disk image file format. When a user clicks on it, it shows a File Manager window with a single file option named, “Roshan-Bandara_CV_Dialog".

Normally, the file looks like any other Microsoft Word file, but once a user clicks on the file, it opens as CMD.EXE and runs the OneDrive Updater. And here is how this malware escapes all the antivirus services and installs BRC4 on the system.

Who is exactly behind this malware campaign is still unknown, but researchers suspect it to be the Russian-based APT29 group, which have been known to weaponize ISO files in the past too.

Catch all the Latest Tech News, Mobile News, Laptop News, Gaming news, Wearables News , How To News, also keep up with us on Whatsapp channel,Twitter, Facebook, Google News, and Instagram. For our latest videos, subscribe to our YouTube channel.

First Published Date: 08 Jul, 17:59 IST

Best Deals For You