Cyber security news for all


    Trojan Ursnif hides itself in a Word file

    Experts are currently warning of a wave of Trojans using the Ursnif malware.  The Trojan is distributed through a zip archive attached to an email. The message can also come from a known sender. The zip archive is password-protected, so anti-virus programs cannot check the file for viruses. The password for the zip archive is in the mail text.

    Trojan Ursnif hides itself in a Word file in the zip archive. As a result, anyone who opens the Word file should activate macros. Only then can the malware infect the computer. Such macros only work with Microsoft Office. Anyone who uses another program such as Open Office should not catch a trojan.

    Ursnif is a banking Trojan that records various sensitive information. Including username and passwords from web forms. The program can also take screenshots, intercept keystrokes or load and start other software on the infected computer. The Ursnif Trojan steals usernames, passwords and personal data from web forms on the infected computer and loads additional malware. In addition, as a keylogger, it can intercept keyboard input and also take screenshots. The malware sends all captured data to a command and control server.

    Trojan Ursnif

    Antivirus Programs Cannot Warn You

    The archive is password-protected, so it is not possible for antivirus programs to scan it and alert the user. To open the archive, you will receive the associated password in the mail. If you then open the Word file, often disguised as an invoice, and activate the macro function as described in the document, you will get the malware on your computer. For security reasons, macros have long been deactivated in Word by default. However, they can be switched on with just a few clicks, which attackers exploit.

    To avoid infection, you should generally be critical of links or email attachments – especially if you receive a message without being asked. If the mail comes from a known sender, you should inquire by phone or in person whether a mail has been sent.

    Recent Articles

    Related Stories

    Leave A Reply

    Please enter your comment!
    Please enter your name here

    Stay on op - Ge the daily news in your inbox