While most malicious e-mail campaigns employ Word documents to disguise and spread malware, researchers have uncovered that a recently discovered campaign combines a malicious PDF file and a 22-year-old Office bug to disseminate the Snake Keylogger virus.
According to a blog post published Friday by HP Wolf Security experts, the campaign seeks to fool victims with an attached PDF file claiming to provide details about a remittance payment. Instead, it downloads the data-stealing virus and uses deception to avoid detection.
The email campaign also made use of Microsoft Word, which exploited the Office RCE flaw. Researchers discovered that while the new campaign uses PDF in the file bait, it eventually uses Microsoft Word to deliver the ultimate payload—the Snake Keylogger.