Microsoft Outlook targeted by new malware attacks allowing sneaky hijacking

Posted by:
John Harrison
Thu, 06 Mar

Security researchers have identified a new malware named FinalDraft that operates through draft emails in Outlook to carry out malicious activities like data exfiltration and executing PowerShell commands. The malware is part of a sophisticated toolkit used in a campaign targeting government organizations in South America and Southeast Asia. The attack involves a loader called PathLoader and multiple post-exploitation utilities. By utilizing the Microsoft Graph API, FinalDraft establishes communication channels and executes various commands, making it challenging to detect and analyze. While the specific method of infection remains undisclosed, typical tactics like phishing and social engineering are assumed. The malware has been found on government computers in South America, with links to victims in Southeast Asia, indicating a widespread threat. Although the attackers behind this campaign remain unidentified, the nature of the attack suggests potential espionage motives. For comprehensive details, analysis, and mitigation strategies, further information is available through the provided link.
