Microsoft OneNote Documents Used To Deliver Malware
Malicious actors are distributing spear-phishing emails with malicious Microsoft OneNote documents to infect users with backdoors, remote access trojans, and information stealers.
The malicious software used in the campaigns include Qbot, AsyncRAT, Agent Tesla, DOUBLEBACK, Netwire, QuasarRAT, RedLine Stealer, and XWorm.
Multiple Windows binaries are used to carry out the operation including PowerShell, cmd.exe, and curl.exe.
Subscribe to Our Blog
Subscribe now to get the latest insights, expert tips and updates on threat exposure validation.
Subscribe