In The Name OF Allah
Al-Salam Alekum
Quote:A new campaign using Weaponized Microsoft Publisher File(.pub) to deliver the FlawedAmmyy RAT. The FlawedAmmyy RAT is a backdoor tool that gains remote access to the attacker. Security researchers from Trustwave spotted the Email campaign subjected “Payment Advice” with Microsoft Office Publisher file attached.https://gbhackers.com/microsoft-publishe...y-rat/amp/
Once the .pub file is opened it asks the victim’s to Enable Macros, the macro script triggers Document_Open() event which opens the file and once the file is opened it access the URL that located in the Tag Property and executes a downloaded file.
Wa Salam Alekum
* Thankful to Allah *
Kurdy