Attack Combines Phishing, Steganography, PowerShell to Deliver Malware

URLZone Morphs Into a Downloader for Ursnif

Researchers have discovered a malware campaign targeting Japan that combines phishing, steganography, PowerShell, and the URLZone and Ursnif malware families. This code subsequently downloads a stripped-down version of URLZone, which is then used as a downloader for the Ursnif banking trojan. The key elements of the campaign are that it is finely targeted against Japanese users and that URLZone has been repurposed as an evasive downloader. In this variant, URLZone is used solely as a downloader for additional malware. In this campaign, the final downloaded malware detected by Cybereason was the Ursnif banking trojan.