HomeUpdateHTML attachments are now a new technique for hackers

HTML attachments are now a new technique for hackers


We independently research, test, review, and recommend the best products—learn more about our process. If you buy something through our links, we may earn a commission. learn more

Last Updated on 27/01/2022 by Nidhi Khandelwal

As part of a malware campaign that began in September 2021, a new, sophisticated phishing assault has been identified that delivers the AsyncRAT trojan.

HTML attachments are now a new technique for hackers 1

The attacks start with an email message that contains an HTML attachment that looks like an order confirmation receipt (for example, Receipt-digits>.html). When the mail receiver opens the decoy file, they are directed to a web page that asks them to save an ISO file.

Unlike past RAT campaigns that direct victims to a phishing URL set up specifically for downloading the next-stage malware, the latest RAT campaign smartly leverages JavaScript to construct the ISO file locally from a Base64-encoded text and imitate the download process.

“A JavaScript code hidden inside the HTML receipt file generates the ISO download from within the victim’s browser, not from a distant server,” Dereviashkin added.

HTML attachments are now a new technique for hackers 2

When the victim accesses the ISO file, it is mounted as a DVD Drive on the Windows host and contains either a.BAT or a.VBS file that continues the infection chain by executing a PowerShell command to fetch a next-stage component.

This causes a.NET module to be executed in memory, which then functions as a dropper for three files, each of which acts as a trigger for the next, to deliver AsyncRAT as the final payload, while also scanning for antivirus protection and setting up Windows Defender exclusions.

Nidhi Khandelwal
Nidhi Khandelwal
Nidhi is a tech news/research contributor at TheDigitalHacker. She publishes about techno geopolitics, privacy, and data breach.
- Advertisment -

Must Read

Data Science Drives Personalized Marketing and Customer Engagement to New Heights...

Personalized marketing and customer engagement are crucial for businesses to thrive in the current digital era. Because data science makes it possible for marketers...