Computer News & Safety – Harry Waldron Rotating Header Image

Malware – File extension DAA used by CD and DVD burning exploited

File extension DAA is used by CD and DVD burning software (Power ISO) & is now being exploited as shared below.  While a rare in-the-wild threat, it illustrates dangers & creativity associated with new attacks:

Agent Tesla keylogger delivered inside a Power ISO .daa archive

We never fail to be astonished by the ingenuity and attempts from malware bad actors to get their malware delivered to their intended victims. However in many cases, like this one, their attempts spectacularly backfire where such a tiny, minuscule number of recipients will be able to open the malware attachment and stand a possibility of being infected. They have used a type of archive that is virtually unknown and none of the commonly used extraction tools will extract the content. They have used a .daa file which is a proprietary format created by and only used by  Power ISO, which is a program primarily used to create, rip, alter, or copy DVD, CD or Blue-ray discs. It does though have the ability to create zip files.

Comments are closed.