Malware Meets SysAdmin – Automation Tools Gone Bad

By Talos Group This post was authored by Alex Chiu and Xabier Ugarte Pedrero . Talos recently spotted a targeted phishing attack with several unique characteristics that are not normally seen. While we monitor phishing campaigns used to distribute threats such as Dridex , Upatre , and Cryptowall , targeted phishing attacks are more convincing because the format of the message is personalized to the targeted user. This targeted attack was more difficult to detect because adversaries chose to leverage AutoIT, a well known freeware administration tool for automating system management []

Source:: Cisco Security Notice