loader gif

Organizations in Asia Targeted With InPage Zero-Day

Organizations in Asia Targeted With InPage Zero-Day (Malware and Vulnerabilities)

InPage is a word processor for languages such as Urdu, Persian, Pashto and Arabic. The product is widely used in Asia and some other parts of the world. While analyzing a target that had been hit with various types of exploits, Kaspersky Lab researchers discovered an exploit file that had an InPage (.inp) extension. The file contained a shellcode that was triggered on several InPage versions. The shellcode decrypts itself and an EXE file embedded in the malicious document. In the attacks threat groups sent spear-phishing emails carrying the InPage exploit to various govt and financial institutions in Asia and Africa. Since the exploit has been leveraged to deliver various backdoors researchers believe the zero-day has likely been used by multiple actors.

loader gif