New Malware Variant Is Delivered By Email

Office 365 users are being victimized by a new malware variant being sent by email, according to Ironscales and Sandbox. Bad actors are using a malicious #RTF file to infect machines and trick users into downloading an exe file payload. The malware was discovered on November 29 by researchers from Ironscales and Sandbox, providers of a phishing threat protection platform. The attack is a variant of “Formbook,” ready-to-sell malware that can be used by cyber-criminals who lack skill in malware, the researchers say. The malware is a form-grabber written in C and x86 assembly language, they add. Microsoft has had to patch the EQNEDT32.EXE process. It might have lost the source code for the process, meaning that it can’t patch against attacks, the firms report.