Malspam Campaign using CVE-2017-0199 Targets Manufacturing, Pharmaceutical, and other important Industries

  • 4
    Shares

Quick Heal Security Labs has come across various email campaigns that are actively exploiting the famous vulnerability CVE-2017-0199 in their bid to target prominent private industries in India. CVE-2017-0199 was a zero-day vulnerability reported in April 2017 by two different security firms. Almost all of the MS Office versions were affected by it. Microsoft had issued a patch for this vulnerability on 11th April 2017. As usual, many attackers started exploiting this vulnerability in their spam campaigns.  The following is an analysis of this campaign by Quick Heal Security Labs.

Attack chain

Fig 1

Fig 1

Targeted organizations
The below figure represents the statistics of organizations targeted by the malicious campaign.

Fig 2

The manufacturing sector seems to be the most favored target followed by pharmaceuticals, exports, and hotels.

Download the PDF report below to go through a detailed technical analysis of the campaign

pdf-icon

 

Acknowledgment

Subject Matter Experts

  • Pawan Chaudhari, Aniruddha Dolas | Quick Heal Security Labs
Quick Heal Security Labs

Quick Heal Security Labs


No Comments, Be The First!

Your email address will not be published.

CAPTCHA Image