Virus Guy pretended :
> So explain this.
>
> The last few locky spams I've gotten had .js files packaged as .zip.
>
> When you look for video examples of people messing around with locky
> exploit files (they're triggering the malware to run on their system and
> showing it encrypt files in real-time) - the locky examples are .doc
> files - the ones that leverage a particular word macro exploit.
>
> I can't find any such examples of people messing with the .js locky
> exploit.
>
> And I can find no description of a use-case as to how the .js exploit is
> triggered from an email spam attachment.
The user clicks on the unzipped js file. You shouldn't assume that the
user is never involved in the vector.
--- NewsGate v1.0 gamma 2
* Origin: News Gate @ Net396 -Huntsville, AL - USA (1:396/4)
|