Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

Options

Malware hidden in Drive Images (.img Files)

BWCBWC Cybersecurity Overlord ✭✭✭

Hi,

in the recent weeks I experienced more and more Malware that slips through the Email Security Appliance (and probably Hosted Email Security as well). This happens when the bad actor is using .img Files as vehicle of choice and putting the load in this Drive Image.

I've seen all types of malicious content in it, but current campaigns seem to favor .exe and .chm files.

Because AV and Capture ATP was not able to detect, I strongly suggest to block any .img Files via Filter Policy. If you already use the built-in "Strip Potentially Dangerous File Attachments" just add .img as another Suffix.

--Michael@BWC

Category: Email Security Software
Reply
Sign In or Register to comment.