


A disk image is essentially a virtual copy of a physical disk that contains all of its files and must be mounted before its contents can be accessed. There are multiple disk image file formats, but we have seen ISO and IMG files being abused the most. We’ve identified that these files are typically delivered via phishing campaigns, as an attachment or as a link (a malicious URL in the body of the email), or within cracked software downloads.

Cyber criminals have been taking advantage of built-in Windows capabilities to mount disk image files once they are opened by the end user. Files such as ISO and IMG were sent to infect systems with the goal of delivering remote access trojans (RATs) as well as a few other malware variants. Throughout 2019 and the beginning of 2020, the CrowdStrike® Falcon Complete™ team continuously observed a spike in the delivery of weaponized disk image files.
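For mail or download triage, a disk image can be recognized by its content rather than its file name. The sketch below is an added example, not CrowdStrike code: it reads the ISO 9660 / UDF volume recognition sequence that starts at sector 16 and compares the result with the attachment's extension. The function names, verdict strings and the sample image are constructed for illustration, and raw FAT-style IMG files are assumed to be out of scope.

```python
SECTOR = 2048
VRS_START = 16 * SECTOR  # volume recognition sequence begins at sector 16
KNOWN_IDS = {b"CD001": "ISO 9660", b"BEA01": "UDF", b"NSR02": "UDF",
             b"NSR03": "UDF", b"TEA01": "UDF"}
IMAGE_EXTS = ("iso", "img")

def inspect_image(data: bytes, max_descriptors: int = 32) -> dict:
    """Identify ISO 9660 / UDF content by signature, ignoring the file name."""
    formats, label = set(), None
    for i in range(max_descriptors):
        off = VRS_START + i * SECTOR
        desc = data[off:off + SECTOR]
        # Bytes 1..5 of every descriptor hold the standard identifier.
        if len(desc) < 7 or desc[1:6] not in KNOWN_IDS:
            break
        formats.add(KNOWN_IDS[desc[1:6]])
        # Type 1 is the ISO 9660 primary volume descriptor; label is bytes 40..71.
        if desc[1:6] == b"CD001" and desc[0] == 1 and len(desc) >= 72:
            label = desc[40:72].decode("ascii", "replace").strip()
    return {"formats": sorted(formats), "label": label}

def triage_attachment(name: str, data: bytes) -> str:
    """Return a verdict string (hypothetical labels) for one attachment."""
    ext = name.rsplit(".", 1)[-1].lower() if "." in name else ""
    if inspect_image(data)["formats"]:
        # Content is a mountable image; a non-image extension is a disguise.
        return "disk-image" if ext in IMAGE_EXTS else "disk-image-disguised"
    return "unrecognized-image" if ext in IMAGE_EXTS else "other"

def build_sample_iso(label: str) -> bytes:
    """Constructed sample: empty system area, one PVD and a set terminator."""
    pvd = bytearray(SECTOR)
    pvd[0:7] = b"\x01CD001\x01"
    pvd[40:72] = label.encode("ascii").ljust(32)
    term = bytearray(SECTOR)
    term[0:7] = b"\xffCD001\x01"
    return bytes(VRS_START) + bytes(pvd) + bytes(term)

if __name__ == "__main__":
    sample = build_sample_iso("INVOICE_2020")  # constructed label
    for fname in ("invoice.img", "invoice.pdf"):
        print(fname, triage_attachment(fname, sample), inspect_image(sample))
```

A "disk-image" or "disk-image-disguised" verdict is a routing signal for quarantine or sandboxing, not proof that the contents are malicious.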
