OfflRouter Malware Evades Detection in Ukraine for Almost a Decade

Malware known as OfflRouter has continued to infect certain government networks in Ukraine since 2015.

Cisco Talos based its conclusions on an examination of more than 100 private documents that were infected with the VBA macro virus and have been uploaded to the VirusTotal malware scanning portal since 2018. Almost 20 of these documents have been uploaded since 2022.

The documents contained VBA code to drop and launch an executable called "ctrlpanel.exe", according to security researcher Vanja Svajcer. The virus is still causing potentially sensitive documents to be uploaded to publicly accessible document repositories in Ukraine.

One remarkable feature of OfflRouter is that it cannot spread over email; instead, it must be distributed through other channels, such as document sharing and removable media like USB memory sticks that carry infected documents.
