Select Page

Cyren Security Blog

The Cyren Security Blog is where Cyren engineers and thought leaders provide insights, research and analysis on a range of current cybersecurity topics.

Vast email malware outbreaks – efaxCorporate and Xerox copiers

Wednesday the 24th saw huge of amounts of email-attached malware distributed – all with an “office” theme. The attacks pushed the amount of email up by several hundred percent and totaled near five billion emails sent worldwide.

The first part of the day saw emails describing an attachment as being the scan from a Xerox Workcenter. This is not a new ploy – we described one of these in detail in February last year. Last year’s version was an actual PDF file with an embedded malicious script. Yesterday’s file was a zipped executable.

The second part of the attack moved on to eFaxCorporate, announcing the arrival of a (21 page) fax message. Once again the attachment was an executable file pretending to be a PDF. The file is detected as W32/Trojan2.NTLB by Commtouch’s Antivirus. The malware scans the infected system for FTP programs – no doubt looking for FTP credentials that can be stolen to access and compromise Web servers (which can then be used to serve malware links).

You might also like

Protect Office 365 Email from Ransomware

Ransomware is continually evolving. It has become the “most prominent malware threat”, with experts estimating that ransomware attacks in 2021 resulted in total damage costs of $20 billion. While there is no ransomware that specifically targets Office 365 data, it can...