Smash-and-grab: AstraLocker 2.0 pushes ransomware direct from Office docs
released on 2022-06-29 @ 09:38:00 AM
Researchers recently discovered of a new version of the AstraLocker ransomware (AstraLocker 2.0) that was being distributed directly from Microsoft Office files used as bait in phishing attacks. Analysts suggest that the threat actor responsible for this campaign likely obtained the underlying code for AstraLocker 2.0 from a leak of the Babuk ransomware in September 2021.