Downloader Disguised as Excel Add-In (XLL), (Fri, Nov 19th)

At the Internet Storm Center, we like to show how exotic extensions can be used to make victims feel confident to open malicious files. There is  an interesting webpage that maintains a list of dangerous extensions used by attackers: filesec.io[1]. The list is regularly updated and here is an example of malicious file that is currently not listed: “XLL”. It’s not a typo, it’s not a “DLL” but close to!

Article Link: InfoSec Handlers Diary Blog