The Vawtrak banking malware now leverages macros and the Windows PowerShell scripting tool to infect computers.
Subject : Vawtrak Banking Trojan Uses Windows PowerShell, Macros in Infection Routines
Summary from the source link:
The attack starts with a spam email that appears to come from FedEx, American Airlines or other companies. The bogus messages contain what appears to be a harmless document. When the document is opened with Microsoft Word, users are presented with random symbols and they are instructed to enable macros in order to view the content.After macros are enabled, the text in the document becomes visible. In the meantime, a batch file, a VBS file and a PowerShell script are dropped onto the infected system. The batch file is designed to execute the VBS file, which in turn runs the PowerShell script.
The opinions expressed in the posted news items/tweets do not necessarily reflect the views of IT Matrix.