Key Points:
Morphisec Labs tracked a new MirrorBlast campaign targeting financial services organizations
MirrorBlast is delivered via a phishing email that contains malicious links which download a weaponized Excel document
MirrorBlast has low detections on VirusTotal due to the extremely lightweight macro embedded in its Excel files, making it particularly dangerous for organizations that depend on detection-based security and sandboxing
Introduction
Financial organizations are historicall…