A new hacker attack has recently emerged: a dangerous malware is in fact sent, disguised as pdf or excel files, through phishing campaigns.
These campaigns appear to leverage password-protected archive files to spread malware without users having to perform specific actions. Researchers who spotted this new phishing campaign were able to see how the malware spreads through one of the most classic bogus emails asking you to open a pdf or Excel file (like an invoice). The file is actually an SFX archive which contains a self-extracting archive, a batch file and the bait file (pdf or png). All information about the extraction is included in the batch file.