Dangerous invoices and infrastructure

Most bad hackers are lazy and cheap. One of the main things that gives them away is the reuse of their infrastructure: most are caught by identifying patterns of habit and convenience. For example, it is useful to examine a malware sample even if it fails to trigger due to age, because it is likely that other samples are using the same infrastructure or deployment system.

Cybersecurity experts found that Microsoft Office macros are still the number one way that malware is delivered via email, accounting for 45% of all malware delivery methods.

The most convincing phish are those that imitate a common business practice, such as Purchase Orders. Many people will open a Purchase Order received by email, even if they don’t recognize the company name. Big mistake!

Remember, everything can be hacked. To stay away from cyber threats, we recommend installing an antivirus for Windows or an antivirus for Mac on every device that you own, depending on which OS the device is running. If you are a company, it is also recommended to hire a specialized cybersecurity company every year to run annual tests on your company’s network. These tests include penetration testing and ethical hacking tests.

Last week, three consecutive daily email blasts were identified. Each sample had two email attachments, and they were all the same attachments, only with different names.

The two 386KB files all had the same hashes. After some investigation, researchers found that kc.exe was the target that the malicious code wanted to infect. It’s clear that this hacker continued delivering his malware through all three emails.
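The comparison described above (identical attachments arriving under different names on consecutive days) can be automated by hashing every attachment and grouping the sightings by hash. This is an added example, not code from the original article; the filenames, day labels and payload bytes are constructed, and SHA-256 is an assumed choice of hash.

```python
import hashlib
from collections import defaultdict
from email import message_from_bytes, policy
from email.message import EmailMessage

PAYLOAD = b"CONSTRUCTED-ATTACHMENT-BYTES" * 16  # constructed stand-in, not a real sample

def build_sample(names, payload):
    """Build a constructed raw email carrying `payload` once per filename."""
    msg = EmailMessage()
    msg.set_content("Please see the attached purchase order.")
    for name in names:
        msg.add_attachment(payload, maintype="application",
                           subtype="octet-stream", filename=name)
    return msg.as_bytes()

def cluster_attachments(samples):
    """Map the SHA-256 of every attachment to its (day, filename) sightings."""
    sightings = defaultdict(set)
    for day, raw in samples:
        msg = message_from_bytes(raw, policy=policy.default)
        for part in msg.iter_attachments():
            data = part.get_payload(decode=True) or b""
            digest = hashlib.sha256(data).hexdigest()
            sightings[digest].add((day, part.get_filename()))
    return sightings

def reused(sightings):
    """Keep only hashes seen under several filenames or on several days."""
    report = {}
    for digest, seen in sightings.items():
        days = sorted({d for d, _ in seen})
        names = sorted({n for _, n in seen})
        if len(days) > 1 or len(names) > 1:
            report[digest] = {"days": days, "names": names}
    return report

def demo():
    # Three constructed daily blasts plus one unrelated, single-use attachment.
    samples = [
        ("day-1", build_sample(["PO_1001.doc", "Invoice_1001.doc"], PAYLOAD)),
        ("day-2", build_sample(["PO_2002.doc", "Invoice_2002.doc"], PAYLOAD)),
        ("day-3", build_sample(["PO_3003.doc", "Invoice_3003.doc"], PAYLOAD)),
        ("day-3", build_sample(["newsletter.pdf"], b"unrelated constructed bytes")),
    ]
    return reused(cluster_attachments(samples))

if __name__ == "__main__":
    print(demo())
```

Only the hash shared across all three days is reported; the unrelated attachment is filtered out because it appears once under one name.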

Regardless of what this malware actually does, there are two takeaways here. Malware continues to spread by imitating common business practices, such as processing invoices and purchase orders. And hackers continue to rely on habit and convenience, which means they can still be tracked by looking at their infrastructure choices.

We will continue to monitor this cyber problem. Meanwhile, users should keep a keen eye out for any cyber attacks. Remember to use an antivirus for Windows or an antivirus for Mac on every device that you own, depending on which OS your machine is running. If you are a company, we recommend hiring a specialized cybersecurity company every year to run annual tests on your company’s network; these tests include penetration testing and ethical hacking.