Recently, researchers at Trend Micro and Dodge this security had discovered a technique in which hackers can launch the malware even if you don’t click anything. This is what makes this malware most dangerous. Since it triggers itself without even a click. Users just need to hover a mouse pointer over a hyperlink in a carrier PowerPoint file to trigger the malware. Well, the recent campaign is targeting companies and organizations in Europe, Middle East, and Africa. Victims are receiving emails which are mostly related to finance like “Invoice”, “Order” etc. with an attached PowerPoint presentation. The powerpoint file has a hyperlink in the center that displays “Loading…please wait” that is actually an embedded malicious PowerShell script. Once user hovers a mouse over the malicious link, it executes the script. This malware downloader installs a banking trojan in victims computer which is capable of stealing victim’s bank credential and information that are saved inside users system. However, this malware is infecting those who are running the older version of Microsoft Office. Since newer versions had a Protected View which indicates users about ‘potential security concern” when the script starts running. Users running the newer version of Microsoft office just needs to click on “Disable” and they will be safe. Researchers recommend installing a proper internet security. Using a newer version of Microsoft Office would also solve the problem. So, what do you think about this? Share your views in the comment box below.
Δ