CYBONET’s PineApp Mail Secure Stops Hancitor Malspam Campaign Emails

There has been a recent revival in a successful malicious spam (malspam) campaign which attempts to distribute the Hancitor Downloader. This downloader delivers a range of malware by prompting the recipient to click a link to download an ADP invoice; with a hyperlink to a Microsoft Word document.

‍

‍

The phishing email and accompanying Word document employ the usual trick of encouraging recipients to ‘enable content’, which then runs a malicious macro designed to download and infect Windows hosts with Pony and DELoader (ZLoader).

‍

‍

As can be seen from the accompanying screenshots, CYBONET’s PineApp Mail Secure helped one of our customers to correctly identify these malspam emails as spam and to quarantine them, alerting company users to the dangers of downloading the ADP invoices and infecting the organization’s email with malware.

PineApp Mail Secure protects your company from the dangers of phishing emails and malware. It blocks 99.7% of spam and viruses and protects both inbound and outbound email traffic. Our new Sandboxing Solution Module leverages Check Point’s SandBlast technology, and executes, analyzes and quarantines unknown malware in a segregated and tightly controlled environment. This provides the deepest visibility into malware behavior and enhanced protection against zero-day attacks. To learn more about our flagship PineApp Mail Secure solution, click here, or contact info@cybonet.com

‍
‍

‍