Malicious email attacks involving JavaScript-concealed malware have surged during the third quarter, HackRead reports.

Fictitious purchase orders, quotes, and shipment notices have been used by threat actors to spread a compressed archive file with a JavaScript file, which exploits Windows Management Instrumentation and PowerShell to execute commands after being opened, according to a Forcepoint X-Labs analysis.

Intrusions also involved the use of steganography to hide nefarious code within a seemingly legitimate image file, with the downloader script decoding the Base64-encoded DLL or EXE payloads. Agent Tesla, Remcos RAT, DarkCloud, and FormBook are among the malicious payloads spread by such intrusions, according to researchers.

With such attacks using programs and functions that bypass security analysis, organizations have been urged to not only adopt sophisticated email filtering systems but also bolster endpoint security defenses and user awareness programs.
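For defenders triaging image files pulled from mail gateways or endpoints, the following added example (not from Forcepoint or the original article) flags files that contain a Base64 run decoding to a Windows PE header, matching the Base64-encoded DLL or EXE payloads described above. It assumes the payload is stored as one contiguous, unobfuscated Base64 run, which the article does not specify; all function names are hypothetical.

```python
import base64
import re
import struct

# Base64 of any "MZ"-prefixed file starts with "TV" + one of o/p/q/r.
# Lookahead lets candidates overlap, so stray image bytes cannot hide a run.
# The 60-character minimum is an assumed threshold, not from the report.
CANDIDATE = re.compile(rb"(?=(TV[opqr][A-Za-z0-9+/]{60,}))")


def looks_like_pe(blob: bytes) -> bool:
    """MZ header whose e_lfanew field (offset 0x3C) points at 'PE\\0\\0'."""
    if len(blob) < 0x40 or blob[:2] != b"MZ":
        return False
    (e_lfanew,) = struct.unpack_from("<I", blob, 0x3C)
    return blob[e_lfanew:e_lfanew + 4] == b"PE\x00\x00"


def find_embedded_pe(data: bytes):
    """Return [(file_offset, decoded_size)] for Base64 runs that decode to a PE."""
    hits = []
    for m in CANDIDATE.finditer(data):
        run = m.group(1)
        if len(run) % 4 == 1:          # one dangling character cannot be decoded
            run = run[:-1]
        run += b"=" * (-len(run) % 4)  # restore padding the regex did not capture
        blob = base64.b64decode(run)
        if looks_like_pe(blob):
            hits.append((m.start(1), len(blob)))
    return hits


def constructed_sample() -> bytes:
    """Constructed input: JPEG-like bytes plus an inert 128-byte MZ/PE header stub."""
    stub = bytearray(0x80)
    stub[:2] = b"MZ"
    struct.pack_into("<I", stub, 0x3C, 0x40)
    stub[0x40:0x44] = b"PE\x00\x00"
    image = b"\xff\xd8\xff\xe0" + b"\x00" * 32 + b"\xff\xd9"
    return image + base64.b64encode(bytes(stub))


if __name__ == "__main__":
    for offset, size in find_embedded_pe(constructed_sample()):
        print(f"Base64-encoded PE at offset {offset}, {size} bytes decoded")
```

A hit is a triage signal, not a verdict: payloads that are split, reversed, or otherwise transformed before encoding will not match this pattern.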




