"Mail Attachment Builds Ransomware Downloader from Super Mario Image" - A malicious spreadsheet has been discovered that builds a PowerShell command from individual pixels in a downloaded image of Mario from Super Mario Bros. When executed, this command will download and install malware such as the GandCrab Ransomware and other malware. - emails contain an attachment with names similar to "F.DOC.2019 A 259 SPA.xls" that when opened tell the user to Enable Content in order to properly view the document. - macros will be triggered that check if the computer is configured to use the Italy region. - if located in Italy, an image of Mario is downloaded - after the image is downloaded the script will extract various pixels from the image to reconstruct a PowerShell command, which will then be executed. - PowerShell command will download malware from a remote site, which then downloads further malware such as the GandCrab Ransomware. https://www.bleepingcomputer.com/ne...ransomware-downloader-from-super-mario-image/ Luigi, the Princess and Mario need you!!