[Rspamd-Users] Virus replies automatically
Rob Gunther
redrob at gmail.com
Fri May 29 05:53:09 UTC 2020
I know this is not a new technique, but something we are seeing in the last
couple days.
There is a virus out there that is somehow accessing a user's email. It
sends replies back to the sender with a password protected .zip file and a
password.
Essentially, two people are having a conversation and the virus jumps in
and sends a message on its own.
The recipient has a high probability of opening the message because they
know the sender and are actually having a conversation.
I tested the virus with VirusTotal (sending them the .zip file) and of
course not a single AV scanner can scan the file because it is encrypted.
Smart virus, dumb users. Who do you think is going to win here?
Anyone have a suggestion how to go about stopping this virus?
More information about the Users
mailing list