Introduction Last month, I stumbled upon a blog post from Trustwave titled Search & Spoof: Abuse of Windows Search to Redirect to Malware. Figure 1: Search & Spoof: Abuse of Windows Search to Redirect to Malware (Source: Trustwave) Trustwave SpiderLabs has detected a sophisticated malware campaign that leverages the Windows search functionality embedded in HTML code to deploy malware. We found the threat actors utilizing a sophisticated understanding of system vulnerabilities and user behaviors.
