Hackers now use Microsoft OneNote attachments to spread malware

Threat actors now use OneNote attachments in phishing emails that infect victims with remote access malware which can be used to install further malware, steal passwords, or even cryptocurrency wallets.

This comes after attackers have been distributing malware in emails using malicious Word and Excel attachments that launch macros to download and install malware for years.

However, in July, Microsoft finally disabled macros by default in Office documents, making this method unreliable for distributing malware.

Soon after, threat actors began utilizing new file formats, such as ISO images and password-protected ZIP files. These file formats soon became extremely common, aided by a Windows bug allowing ISOs to bypass security warnings and the popular 7-Zip archive utility not propagating mark-of-the-web flags to files extracted from ZIP archives.

However, both 7-Zip and Windows recently fixed these bugs, causing Windows to display scary security warnings when a user attempts to open files in downloaded ISO and ZIP files.
