
Cookie Maker: Inside the Google Docs Malicious Network

By Artem Semenchenko | November 21, 2018
 

FortiGuard Labs recently discovered an active Google Docs malware campaign that uses the names of Fortinet and FortiGuard. When we examined the documents, we encountered a long chain of redirects inside a malicious network, and the destination of this chain depended on our IP address and the user agent we used. This malicious network targets all major platforms: Windows, Android, and macOS.

 

In this article we analyze this malicious traffic workflow, as well as samples targeting the Windows platform. At the end of the article, we also analyze the attribution information to try to determine who is behind these attacks.

 

Full Article.





