Trickbot Delivery Method Gets a New Upgrade Focusing on Windows 10
released on 2020-03-02 @ 08:48:25 PM
"Over the past few weeks, Morphisec Labs researchers identified a couple dozen documents that execute the OSTAP javascript downloader. This time we have identified the use of the latest version of the remote desktop activeX control class that was introduced for Windows 10. The attackers utilize the activeX control for automatic execution of the malicious Macro following an enable of the Document content."