Cybercriminals are using corrupted Microsoft Office documents and archive files to evade detection in a new phishing campaign, which has been active since August 2024, according to interactive cyber threat analysis service ANY.RUN. The files are corrupted to avoid email filter scans and antivirus software, but can still be read by certain software like Microsoft Word and WinRAR, exposing a phishing link. The campaign has been using QR codes to launch phishing websites appearing as Microsoft login pages.
Vidar Infostealer Bypasses Google Chrome’s ABE Encryption via APC Injection
A sophisticated evasion technique developed by Vidar infostealer operators successfully bypasses Google Chrome’s Application-Bound Encryption (ABE). Introduced in 2024, ABE was designed to protect browser-stored
