Date:15/11/17
A new cyberattack doing the rounds infects computers through Microsoft Office documents. Microsoft has already responded by releasing new security tips to stop from users from falling into the trap.
The group behind this new attack is called Fancy Bear. This isn’t any old group of cybercriminals; it is reported that they were behind the Democratic National Convention (DNC) hack during the 2016 US presidential election.
The technique behind this new Fancy Bear attack is to take advantage of the Dynamic Data Exchange, or DDE technology. This allows them to execute a code that is stored in another file.
The group sent a Word document called IsisAttackInNewYork.doc (“Isis Attacks New York”). The striking title led to a number of victims opening the document and finding links leading to malware-infested pages. At this point, however, the document wouldn’t be able to download the virus, instead displaying this message:
When the user opens the document, a message appears saying that the document contains internal links that can refer to files. The document then asks for permission to use the DDE technology to connect to the servers to update. In this case “update” means install a virus.
Microsoft advises that users be very careful before clicking Accept on these types of messages. If the origin of the document is unknown or if the document is suspicious in any way, they advise ignoring the DDE request.
A new virus attacks PCs through Microsoft Word documents
A new cyberattack doing the rounds infects computers through Microsoft Office documents. Microsoft has already responded by releasing new security tips to stop from users from falling into the trap.The group behind this new attack is called Fancy Bear. This isn’t any old group of cybercriminals; it is reported that they were behind the Democratic National Convention (DNC) hack during the 2016 US presidential election.
The technique behind this new Fancy Bear attack is to take advantage of the Dynamic Data Exchange, or DDE technology. This allows them to execute a code that is stored in another file.
The group sent a Word document called IsisAttackInNewYork.doc (“Isis Attacks New York”). The striking title led to a number of victims opening the document and finding links leading to malware-infested pages. At this point, however, the document wouldn’t be able to download the virus, instead displaying this message:
When the user opens the document, a message appears saying that the document contains internal links that can refer to files. The document then asks for permission to use the DDE technology to connect to the servers to update. In this case “update” means install a virus.
Microsoft advises that users be very careful before clicking Accept on these types of messages. If the origin of the document is unknown or if the document is suspicious in any way, they advise ignoring the DDE request.
Views: 429
©ictnews.az. All rights reserved.
Similar news
- Cellphone Use May Raise Cancer Risk
- Australian police pushes cyber safety education
- Vietnam aims to lead in e-government
- Senate Website Gets Hacked
- US builds net for cyber war games
- Japan enacts anti-computer virus law
- India passes law vs e-waste
- Anonymous Declares War On The City Of Orlando
- Microsoft highlights evolving dangers as online identity data proliferates
- Consumers want internet security to be provided by banks
- Government facilities targets of cyber attack
- South Korean web attacks might been war drill
- Sri Lanka to Establish National Passport Database to Increase Border Security
- Hi-tech crime agencies set to employ information security professionals
- Phone hacking and online campaign bring down the News of the World
