Updated on 2022-10-21
Trustwave SpiderLabs spotted a rise in threats contained in password-protected archives, with 96% of these being spammed by Emotet.
Overview
Trustwave researchers have documented a recent malspam technique in which spam groups use nested archive files to hide payloads from security solutions. Some exploit chains involve up to three nested files, and some also use password-protected files and self-extracting file formats.
Read more: Archive Sidestepping: Emotet Botnet Pushing Self-Unlocking Password-Protected RAR
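A mail gateway or triage script can surface the traits described above (nesting depth, encrypted entries, executable members) before an attachment is delivered. The following is an added example, not Trustwave's code: it handles ZIP containers only, because that is what the Python standard library parses, and the names `triage_zip`, `build_sample` and the size limit are assumptions made for illustration.

```python
import io
import zipfile

MAX_MEMBER_BYTES = 20 * 1024 * 1024  # assumed limit: refuse to expand oversized members
OTHER_ARCHIVES = (b"Rar!\x1a\x07", b"7z\xbc\xaf\x27\x1c")  # RAR and 7-Zip magic bytes

def triage_zip(data, depth=1, max_depth=5):
    """Report nesting depth, encrypted entries and PE files in an in-memory ZIP."""
    report = {"max_depth": depth, "encrypted": [], "executables": []}
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            if info.flag_bits & 0x1:  # general-purpose bit 0: entry is encrypted
                report["encrypted"].append(info.filename)
                continue  # content is opaque to scanners without the password
            if info.file_size > MAX_MEMBER_BYTES:
                continue
            body = zf.read(info)
            if body[:2] == b"MZ":  # PE header: possible self-extracting archive
                report["executables"].append(info.filename)
            elif body[:4] == b"PK\x03\x04" and depth < max_depth:
                inner = triage_zip(body, depth + 1, max_depth)
                report["max_depth"] = max(report["max_depth"], inner["max_depth"])
                report["encrypted"] += inner["encrypted"]
                report["executables"] += inner["executables"]
            elif body.startswith(OTHER_ARCHIVES):
                # Not parsed here; still counts as one more nesting level.
                report["max_depth"] = max(report["max_depth"], depth + 1)
    return report

def build_sample():
    """Constructed sample: outer ZIP -> middle.zip -> inner.zip -> setup.exe stub."""
    blob = b"MZ" + b"\x00" * 62  # constructed stand-in for a PE file, not real code
    for name in ("setup.exe", "inner.zip", "middle.zip"):
        buf = io.BytesIO()
        with zipfile.ZipFile(buf, "w") as zf:
            zf.writestr(name, blob)
        blob = buf.getvalue()
    return blob

if __name__ == "__main__":
    print(triage_zip(build_sample()))
```

A policy built on this report might quarantine any attachment with `max_depth` of 3 or more, or any encrypted entry whose password appears in the message body.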