Microsoft Discovers New STRRAT Malware Infecting Windows Devices Using Compromised Emails: How to Avoid This Scheme?

Microsoft Security Intelligence discovered a new STRRAT malware that can infect Windows devices using compromised email accounts.

Microsoft Unveils New Surface Laptop
A view of the new Microsoft Surface Laptop following a Microsoft launch event, May 2, 2017 in New York City. The Windows 10 S operating system is geared toward the education market and is Microsoft's answer to Google's Chrome OS. Photo by Drew Angerer/Getty Images

The team of security researchers explained that this new Java-based remote access trojan, or RAT, is popular for its ability to fake ransomware attacks and other advanced data theft capabilities. On the other hand, Microsoft's security researchers previously explained in a series of tweets that this new STRRAT malware can be a pretty massive email campaign. They added that it can spread fake ransomware payloads easily.

STRRAT malware can do this by using various compromised email accounts. However, the involved security experts didn't confirm if the malware's developers are the ones who hacked these emails, or if they bought them from other cybercriminals.

To give you a better idea, here's how the new STRRAT malware works.

Microsoft Says STRRAT Malware Uses Infected PDF

According to the National Cybersecurity News' latest report, the new STRRAT malware will send PDF attachments using the compromised emails. Since these are not fake accounts, they can easily lure many victims into accessing the malicious files.

ATTN: Beware of This New Malware Scheme: Microsoft Says New STRRAT Virus Uses Compromised Emails
A participant uses a laptop computer as he takes part in the Seccon 2016 final competition on January 28, 2017 in Tokyo, Japan. 24 teams from Japan, the US, China, Taiwan, South Korea, Russia, Poland, Switzerland and France competed their skills for cyber securities at the final round of the international cyber security contest in Tokyo. Photo by Tomohiro Ohsumi/Getty Images

Once the unsuspecting users click the malicious PDF files, their Microsoft Windows devices will get infected by the new STRRAT malware.

"The emails contained an image that posed as a PDF attachment but, when opened, connected to a malicious domain to download the STRRAT malware," explained Microsoft Security Intelligence.

"This RAT is infamous for its ransomware-like behavior of appending the file name extension .crimson to files without actually encrypting them," added the team of security experts.

Furthermore, Microsoft said that this new malware is serious because it is designed to fake a ransomware attack while stealing its victim's data in the background.

Identifying an Infected Email Message

Since the new STRRAT malware can't infect your Windows device unless you open the infected PDF attachment, the best thing you can do is check the email message and the account sender before opening their message.

College of Engineering provided the things you need to check before you access any file sent by an unknown contact. Here are some of them that you should know:

  • If an email encourages you to follow a link, there's a high chance it is an email scam.
  • Always check the information verification.
  • Check if the email account's name is familiar. If it doesn't match an expected address for a company, it probably has malware.
  • Check if the email account has the "Undisclosed-recipients/unlisted-recipients" tag.

For more news updates about STRRAT malware and other new computer viruses, always keep your tabs open here at TechTimes.

This article is owned by Tech Times

Written by: Griffin Davis

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.
Tags:Microsoft
Join the Discussion
Real Time Analytics