Incidents

Avarta – an MS Publisher virus

The spring seems to be a prolific time for new ideas and proof of concept viruses. However, not all of them are a cause for concern.

For instance, we’ve received a new virus which infects Microsoft Publisher (*.pub) documents. You can find a description of Avarta here.

Due to its crude replication method and obvious payload, Avarta has zero chances of getting in the wild. Three or four years ago, this might have been an innovative piece of malware. But now macroviruses are virtually extinct, making Avarta proof of concept for something that will never become a threat.

Avarta – an MS Publisher virus

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Reports

ToddyCat: your hidden email assistant. Part 2

An in-depth analysis of Umbrij, a new tool used by the ToddyCat APT group to compromise corporate email communications in Gmail. The attack targeted OAuth authorization tokens, allowing threat actors to gain access to Google services.