New ransomware uses Excel documents for distribution
December 12, 2016

Securityweek is reporting that a new Locky variant, Osiris, is being distributed through the use of Excel documents. Specifically, the victim gets an email with the malicious Excel document attached as a .zip file. When the Excel document is opened, the user is asked to allow macros in order to view the content. If the user allows the macro to run, it will download a DLL file to the Windows Temp folder and then execute the file using the Windows rundll32.exe program. The file extension will probably be renamed so

Read more