Connect with us

Techunzipped News

Techunzipped News

Microsoft Warns Users Of Excel Malware Campaign

Technology News

Microsoft Warns Users Of Excel Malware Campaign

Microsoft Security Intelligence team has found an Excel malware campaign that executes uniquely. This campaign even requires the target user to solve a CAPTCHA, which will then execute the malware.

Sharing the details in a series of tweets, MSI Team explained that the CHIMBORAZO is actively executing a phishing campaign. This is the same group that ran the Dudear campaigns which dropped the info-stealing Trojan GraceWire.

The attack begins via phishing emails containing the phishing link as part of the text or within an HTML attachment embedded in the malicious iframe tag. Till this point, it looks like any other phishing attack. However, the next step is what makes it unique.

Clicking the malicious link redirects the victim to a web page impersonating the Cloudflare DDoS protection page. It requires the user to solve Google reCAPTCHA.

 

Solving the CAPTCHA then downloads a malicious Excel file in which, enabling macros would then download the final payload, the info-stealing GraceWire Trojan. This is what makes this malware campaign similar to Dudear.

Nonetheless, users should still remain very careful while downloading files from emails. Likewise, they should remain vigilant enough while enabling editing for MS Office files, that otherwise remain protected by MS Office by default.

When not expelling tech wisdom, Rutendo feeds on good stories that strike on all those emotional chords. She loves road trips, a good laugh, and interesting people.

More in Technology News

Ad

Facebook

Trending Posts




To Top