1. Forum
  2. tqwNet
  3. TQW GENTECH

  • Corrupted Microsoft Word files used to launch phishing attacks

    From TechnologyDaily@1337:1/100 to All on Tuesday, December 03, 2024 17:15:05
    Corrupted Microsoft Word files used to launch phishing attacks

    Date:
    Tue, 03 Dec 2024 17:00:00 +0000

    Description:
    Word can easily restore these corrupted files, but you should still be on
    your guard.

    FULL STORY ======================================================================Security
    researchers saw corrupted files used in phishing campaigns These files
    bypass email protection solutions Word can easily restore them, presenting malicious content to the victim

    Cybercriminals have found a new and creative way to sneak phishing emails
    past your onlinedefenses and into your inbox, experts have warned.

    A new report from cybersecurity researchers Any.Run observed crooks distributing corrupted Microsoft Word files in their campaigns. Most phishing emails come with an attachment. That file can either be malware itself, or
    can contain a link to a malicious website, or download.

    In response, most email security solutions these days analyze incoming attachments before the recipient can read them, warning the victim if they
    are being targeted. Stealing login credentials

    However, if the file is corrupted, security programs cannot read, or analyze it, and thus cannot flag it as malicious. So, hackers have now started deliberately corrupting the phishing files, before sending them out. The trick? Word can easily restore them.

    Once they are restored, and readable, it is already too late for email security tools to scan them, and the victim is presented with the malicious content which, in this case, is a QR code leading to a fake Microsoft 365 login page.

    Therefore, the goal of the recently observed campaign is to steal peoples cloud credentials.

    "Although these files operate successfully within the OS, they remain undetected by most security solutions due to the failure to apply proper procedures for their file types," Any.Run said.

    "They were uploaded to VirusTotal, but all antivirus solutions returned "clean" or "Item Not Found" as they couldn't analyze the file properly."

    Phishing remains one of the most popular attack vectors on the internet.
    While there are many software solutions helping businesses minimize the threat, the best defense remains the same - using common sense and being careful with incoming email messages. This rings particularly true for messages coming from unknown sources, and messages coming with a sense of urgency.

    Via BleepingComputer You might also like The first UEFI bootkit malware for Linux has been detected, so users beware Here's a list of the best firewalls today These are the best endpoint protection tools right now



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/corrupted-microsoft-word-files-used-to- launch-phishing-attacks


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)