Malware Dropper Supports a Dozen Decoy Document Formats

A recently discovered malware dropper has the ability to use nearly a dozen decoy document file formats to drop various payloads, Palo Alto Networks security researchers warn.  Dubbed CARROTBAT, the customized dropper is being used to deliver lures primarily pertaining to the Korean region, revolving around subjects such as crypto-currencies, crypto-currency exchanges, and political events.

To date, Palo Alto Networks identified 29 unique CARROTBAT samples, containing a total of 12 confirmed unique decoy documents. The dropper first emerged in March 2018, but most of its activity was observed over the past three months.

Read more about the CARROTBAT malware dropper on SecurityWeek.





Gain Deeper Insights Into The Threat

Sign up to gain access to our special reports on threat actors and their tactics as well as daily Threat Brief.

Your support will enable us to continue our production of action-oriented content and help us help you stay informed on the latest in adversary activities.

Try our free two week trial.

Sign Up For Free Trial of The Daily Threat Brief