Opfail: Phisher Attaches Powershell Exec Instead of Malware

From bleepingcomputer.com

The security community has seen its share of mistakes made by cybercriminals and quickly took advantage to stop the threat. But some of them have reached blooper level.

A phishing email caught recently delivered the victim not some sort of a malicious payload, as one would expect, but the executable of the legitimate PowerShell command line utility found in Windows operating system.

To eliminate all confusion, the command line tool was the genuine one available in Windows 8.1, and it did not do anything on the victim computer.

The phishing message was delivered to the inbox of My Online Security and came with a spoofed sender address and pretended to communication regarding an invoice, asking for confirmation of the company account.

Read more…