"Researchers Warn of Spam Campaign Targeting Victims with SVCReady Malware"

There is a new wave of phishing campaigns attempting to spread SVCReady malware. This malware is known for the unusual way in which it is delivered to target PCs as it uses shellcode hidden in the properties of Microsoft Office documents. SVCReady is suspected to be in its early stage of development, with the malware being iteratively updated numerous times last month. The first signs of its activity appeared on April 22, 2022. SVCReady's infection chain entails delivering Microsoft Word document attachments with VBA macros to targets through email in order to activate the deployment of malicious payloads. The campaign stands apart because the macro runs shellcode stored in the document properties instead of employing PowerShell or MSHTA to retrieve next-stage executables from a remote server. In addition to maintaining persistence on the infected host via a scheduled process, the SVCReady can gather system information, capture screenshots, conduct shell commands, and download and execute arbitrary files. This article continues to discuss findings surrounding new phishing campaigns delivering SVCReady malware. 

THN reports "Researchers Warn of Spam Campaign Targeting Victims with SVCReady Malware"