HP identified a phishing email using a common invoice scam with an encrypted HTML attachment, a method known as HTML smuggling. This attachment, once decrypted, mimicked a website but harbored a VBScript dropper for the AsyncRAT infostealer malware.
Unusually, the VBScript was well-organized and commented, suggesting AI created it for human use. This represented an evolutionary step in malware development, incorporating AI-generated components to bypass detection methods. The detailed analysis of these components revealed innovative tactics like embedding the AES decryption key within the JavaScript of the attachment, highlighting a sophisticated approach to evading security measures.
Read more: AI-Generated Malware Found in the Wild
For more such updates follow us on Google News ITsecuritywire News. Please subscribe to our Newsletter for more updates.
