
Malware Peddlers Experimenting with Highly-Successful Infection Techniques

Posted: November 7, 2013

Hackers who peddle malware make it their business to stay on top of their game, and in their recent efforts they have experimented with what is turning out to be a highly successful infection technique aimed at unsuspecting computer users.

New spam and malware campaigns are steadily introduced into the wild, mostly aimed at extorting money from computer users or otherwise taking advantage of them to earn hackers a nice payday. In recent spamming campaigns, hackers have embedded malware into RTF and DOC files delivered through fake UPS spam emails. This campaign has proven successful because the message is cleverly crafted, even appearing to come from a legitimate UPS email address.

This particular UPS email spam campaign uses an attached file that poses as a DOC file but is actually an RTF file containing a system exploit. Security researcher Bart Blaze uncovered this file carrying an embedded OLE document, which exploits an MS Office vulnerability to install malware on the affected computer.

As for the specific malware dropped by this DOC and OLE document payload, it has not been determined beyond the suspicion that it is a Bitcoin mining Trojan or a Zeus information-stealing threat. We know first-hand from Zeus-type threats that banking data is at serious risk, and Bitcoin mining Trojans are no better, since they may lead to theft of Bitcoins.

Embedding malicious files inside DOC and RTF files allows hackers to bypass email filters that only check the attachment's extension, since the filename ends in .doc while the content is really RTF with an embedded object. The idea is a simple one, and others have tried it in the past without much success. This newer method is expected to be heavily exploited in the future, which is why we suggest that you always keep your software up to date.
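The weakness described above is that an extension-only filter trusts the filename. The following is an added example, not code from the original article or from the researcher it cites, showing how a mail gateway or analyst script can instead sniff the attachment's real container type from its leading bytes and, for RTF content, flag the control words that introduce embedded OLE objects. The file names, byte samples and the verdict labels are constructed for this illustration.

```python
import os
import re

# Well-known leading-byte signatures for the container formats the article discusses.
MAGIC = {
    b"{\\rtf": "rtf",                            # Rich Text Format
    b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1": "ole",  # OLE2 compound file (legacy .doc/.xls)
    b"PK\x03\x04": "zip",                        # ZIP container (.docx/.xlsx)
}

# Container type a filter should expect for each declared extension.
EXPECTED_TYPE = {".doc": "ole", ".rtf": "rtf", ".docx": "zip"}

# RTF control words that introduce an embedded OLE object (\object, \objdata, ...).
OLE_CONTROL_WORDS = re.compile(rb"\\(object|objdata|objclass|objemb)\b")


def sniff_type(data: bytes) -> str:
    """Return the container type implied by the first bytes, ignoring the filename."""
    for signature, kind in MAGIC.items():
        if data.startswith(signature):
            return kind
    return "unknown"


def inspect_attachment(filename: str, data: bytes) -> dict:
    """Compare declared extension against sniffed content and look for OLE objects in RTF.

    Verdicts (labels constructed for this example):
      block  - extension/content mismatch AND the RTF carries embedded OLE control words
      review - a mismatch or embedded OLE object on its own
      allow  - extension matches content and no embedded object was found
    """
    declared = os.path.splitext(filename.lower())[1]
    detected = sniff_type(data)
    expected = EXPECTED_TYPE.get(declared)
    mismatch = expected is not None and detected != expected

    ole_words = []
    if detected == "rtf":
        ole_words = sorted({m.group(1).decode() for m in OLE_CONTROL_WORDS.finditer(data)})

    if mismatch and detected == "rtf" and ole_words:
        verdict = "block"
    elif mismatch or ole_words:
        verdict = "review"
    else:
        verdict = "allow"

    return {
        "filename": filename,
        "declared": declared,
        "detected": detected,
        "mismatch": mismatch,
        "ole_control_words": ole_words,
        "verdict": verdict,
    }


# Constructed sample attachments (not real samples from the campaign).
FAKE_DOC = (b"{\\rtf1\\ansi{\\object\\objemb{\\*\\objclass Package}"
            b"{\\*\\objdata 0105000002000000}}}")        # RTF with embedded object, named .doc
REAL_DOC = b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1" + b"\x00" * 16  # genuine OLE2 header
PLAIN_RTF = b"{\\rtf1\\ansi Hello}"                            # RTF with no embedded object

if __name__ == "__main__":
    for name, blob in [("invoice.doc", FAKE_DOC), ("shipment.doc", REAL_DOC),
                       ("notes.rtf", PLAIN_RTF), ("report.doc", PLAIN_RTF)]:
        result = inspect_attachment(name, blob)
        print(f"{name:14} declared={result['declared']:5} detected={result['detected']:7} "
              f"ole={result['ole_control_words']} -> {result['verdict']}")
```

The point of the check is that the decision never depends on the filename alone: a `.doc` whose bytes begin with `{\rtf` is already suspicious, and the presence of `\objdata` inside it is what turns a mismatch into a block. Real gateways also need to look inside ZIP containers and handle RTF files whose header is preceded by whitespace, which this short example does not do.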

Considering that MS Office products are once again on the hacker radar screen awaiting attack, it behooves you to take all necessary precautions to prevent an infection that can lead to theft of your banking information or of your Bitcoins. Although experts have yet to see this new infection technique used in large numbers, it opens the proverbial door for hackers to learn from this instance and equip their army to carry out massive campaigns reaching thousands of computers around the world.
