A new attack campaign that hides malicious code in WAV files has been discovered by researchers.
Some of the infected WAV files played music without any glitches, while others generated white noise.
The WAV files were observed to have a loader component for decoding and the malware was seen throughout the audio data. These files can be delivered through spam emails, or web downloads pretending to be pirated content.
Analyzing the campaign
The campaign delivered two payloads, XMRig Monero CPU miner and a Metasploit code to establish a reverse shell.
The discovery of both ..