
 ADP pic1


There has been a recent revival of a successful malicious spam (malspam) campaign that attempts to distribute the Hancitor downloader. This downloader delivers a range of malware. The email prompts the recipient to click a link to download an ADP invoice, and the hyperlink leads to a Microsoft Word document.

ADP invoice pic

 

ADP invoice2 pic

 

The phishing email and accompanying Word document employ the usual trick of encouraging recipients to ‘enable content’, which then runs a malicious macro designed to download and infect Windows hosts with Pony and DELoader (ZLoader).
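As an added illustration (not CYBONET's or PineApp Mail Secure's code), the following sketch triages a message for the lure described above: mail that claims to be from ADP but whose hyperlink leads to a Word document. The sample message, its hosts, the `adp.com` allow-list and the function names are constructed assumptions, not values from the campaign.

```python
import email, re
from email import policy
from html.parser import HTMLParser
from urllib.parse import urlparse
BRAND_DOMAINS = {"adp.com"}  # assumption: domains the real brand sends from
DOC_EXTS = (".doc", ".docx", ".docm")

# Constructed sample message; hosts and addresses are placeholders.
SAMPLE = """From: ADP Billing <billing@invoices.example.net>
Subject: Your ADP invoice is ready
Content-Type: text/html; charset=utf-8

<html><body><p>Your invoice is ready.</p>
<a href="http://files.example.com/invoices/ADP_invoice.doc">Download invoice</a>
</body></html>
"""

class LinkCollector(HTMLParser):
    """Collect the href target of every <a> tag in an HTML body."""
    def __init__(self):
        super().__init__()
        self.links = []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.links += [v for k, v in attrs if k == "href" and v]

def under(host, domains):
    """True if host is one of domains or a subdomain of one."""
    host = (host or "").lower()
    return any(host == d or host.endswith("." + d) for d in domains)

def triage(raw):
    """Return the reasons a message matches the invoice lure (empty = no match)."""
    msg = email.message_from_string(raw, policy=policy.default)
    reasons = []
    frm = msg["From"]
    sender = frm.addresses[0] if frm and frm.addresses else None
    claims = re.search(r"\badp\b", f"{frm} {msg['Subject']}", re.I)
    if claims and sender and not under(sender.domain, BRAND_DOMAINS):
        reasons.append("brand-claim-from-foreign-domain:" + sender.domain)
    body = msg.get_body(preferencelist=("html",))
    parser = LinkCollector()
    parser.feed(body.get_content() if body else "")
    for href in parser.links:
        url = urlparse(href)
        # A Word document served from outside the brand's own domains.
        if url.path.lower().endswith(DOC_EXTS) and not under(url.hostname, BRAND_DOMAINS):
            reasons.append("link-to-word-doc:" + (url.hostname or ""))
    return reasons
```

Messages that return a non-empty list are candidates for quarantine or sandbox detonation; the heuristic only inspects the sender and link targets and does not fetch anything.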

Hancitor malspam flowchart


As can be seen from the accompanying screenshots, CYBONET’s PineApp Mail Secure helped one of our customers to correctly identify these malspam emails as spam and to quarantine them, alerting company users to the dangers of downloading the ADP invoices and infecting the organization’s email with malware.

PineApp Mail Secure protects your company from the dangers of phishing emails and malware. It blocks 99.7% of spam and viruses and protects both inbound and outbound email traffic. Our new Sandboxing Solution Module leverages Check Point’s SandBlast technology, and executes, analyzes and quarantines unknown malware in a segregated and tightly controlled environment. This provides the deepest visibility into malware behavior and enhanced protection against zero-day attacks. To learn more about our flagship PineApp Mail Secure solution, click here or contact us.


ADP pic2

 

ADP pic3

 
