Warning malicious code is spread through email, there is a risk of losing all data

Recently, according to security researcher Diana Lopera, hackers will attach malicious files to emails, leading users to click on them, thereby spreading Vidar malicious code and stealing data. These fake emails often have brief content, aimed at directing the reader's attention to the attachment. The attachment is named "request.doc".

Warning malicious code is spread through email, there is a risk of losing all data Picture 1

However, this is an ISO file - a type of CD image format file, often used by hackers to store malicious software. If the user accesses the above file, the attackers can gain access to the device and steal the victim's data.

Warning malicious code is spread through email, there is a risk of losing all data Picture 2  

At first glance, this is just a regular text document file. However, it does include one Microsoft Compiled HTML Help (CHM) file named "pss10r.chm", the other being "app.exe". 

Disguised Vidar malware can collect system information and data from a wide range of browsers and applications. When activated, Vidar will automatically connect to the remote control server. Then, the malicious code will steal all the user's data.

Warning malicious code is spread through email, there is a risk of losing all data Picture 3

So in the process of using email, be careful with files of unknown origin, containing unknown files to avoid unfortunate data loss problems.

Micah Soto

Update 04 April 2022