I have seen some pretty lame malware campaigns over time, but this one must rank as one of the lamest ones. Whichever bad actor sending these needs to step up his game. He is using csv attachments that will open in Excel or any other spreadsheet program. He is trying to use the Excel DDE “feature” to download and run the nanocore payload. This is one of the simplest & most basic files I have seen in a long time. it is all in plain text & opens in notepad so you can read it. Using the DDE feature pops … Continue reading →