ContributorsPublishersAdvertisers
Software

That boring-looking Excel spreadsheet could be used to spread malware

By Sead Fadilpašić
TechRadar
TechRadar
 2 days ago
https://img.particlenews.com/image.php?url=1WZis4_0gOUAY2b00
(Image credit: solarseven / Shutterstock)

When Microsoft restricted all Excel 4.0 macros by default earlier in 2022 to prevent threat actors from abusing the feature to distribute malware, many security experts thought threat actors would just move to a different attack vertical.

However, security researchers from Netskope have found weaponized Excel files are still very popular as users are still using old and unprotected versions of the software and are, as such, still susceptible to this type of attack.

In a blog post (opens in new tab), Netskope Staff Threat Research Engineer Gustavo Palazolo outlined how the company recently came across “hundreds” of malicious Office documents being used to download and execute Emotet.

Share your thoughts on Cybersecurity and get a free copy of the Hacker's Manual 2022 (opens in new tab). Help us find how businesses are preparing for the post-Covid world and the implications of these activities on their cybersecurity plans. Enter your email at the end of this survey (opens in new tab) to get the bookazine, worth $10.99/£10.99.

Single threat actor

Emotet is a trojan capable of stealing information and dropping additional malicious payloads onto the target endpoint.

After doing a search for similar files on VirusTotal, the team discovered 776 malicious spreadsheets, submitted in just a week and a half, during June. Most of the files share the same URLs and some metadata, drawing the researchers to conclude that it’s probably the work of a single threat actor.

In total, the team extracted 18 URLs, four of which were still online and delivering the malicious payload at the time.

The files are being distributed the traditional way - via email. The victim would receive an email claiming to be a payment form for a service, some medical bills or paperwork, or anything that might prompt people into downloading and opening the attachment if nothing then out of curiosity.

Some files were even compressed and password-protected, likely to evade antivirus or email protection services.

Users running the file would see it empty, except for a message saying the contents of the file are “protected” until they enable editing which effectively enables macros, as well.

To best defend from this type of phishing, businesses are encouraged to educate their employees on how to spot phishing, keep their hardware and software updated, and run proper antivirus solutions, firewalls, and multi-factor authentication services.

  • Emotet is less of a threat if you have one of the best antivirus solutions running
https://img.particlenews.com/image.php?url=3pe8ik_0gOUAY2b00

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Comments / 0

Related
itechpost.com

Android Users Beware: These Google Play Store Apps Spread Malware

Android users beware of these Google Play Store apps, even if they have more than a million downloads, as they spread malware. We have listed below some of the harmful apps found on the official app marketplace of Android, thanks to the recent discovery by cybersecurity researchers. Android Google Play...
CELL PHONES
TechRadar

Your beloved Gmail inbox is about to change, whether you like it or not

Google has announced it will begin to push its redesigned Gmail interface to a much wider pool of users. Since the initial rollout earlier this year, the new email interface has been available to Gmail users on an opt-in basis. But now, a large group of account holders (excluding Google Workspace Essentials customers) will be moved over automatically.
INTERNET
IN THIS ARTICLE
#Malware#Al Jazeera Balkans#Antivirus Protection#Threat Actor#Excel#Cybersecurity#Virustotal
technewstoday.com

Why Is My Phone Connected to Wifi But No Internet? How to Fix it

Isn’t it annoying when our phone is connected to WiFi but without internet? Well, having a WiFi connection doesn’t necessarily mean you can access the online world. Sometimes, you see an exclamation sign on the WiFi symbol. This clearly indicates that your device is not connected to the internet.
CELL PHONES
GeekyGadgets

Delete cookies on your Android phone

Android users wishing to delete cookies from their phone may be interested to know they can be easily cleared and deleted from mobile browsers such as Chrome, Firefox, Opera, Samsung’s official Internet browser and more. Deleting the cookies from your mobile browser will help protect your online privacy and stops malicious third parties from tracking your movements online when using your Android phone. this quick guide also you how to clear and delete cookies from your Android phone.
CELL PHONES
International Business Times

Here's How To Delete Emails All At Once

Keeping emails may be convenient for some as it may serve as a digital record especially when they want to look back on important files, reminders or invoices. However, you might lose track of these if you're the type of person who receives hundreds of emails per day. Eventually, it would be harder to sort out your inbox and delete unnecessary items if everything is already piled up.
INTERNET
ohmymag.co.uk

Your iPhone may be hacked, this is how to know for sure and fix it

Malware is essentially a file or code that can infect your phone, control it or steal your private data off it. The phone can get infected through malicious apps, emails or non-secure wifi networks. Either it could be because the user has opened a link or downloaded something that brought the horror to your iPhone.
CELL PHONES
YOU MAY ALSO LIKE
NewsBreak
Microsoft
NewsBreak
Data Security
NewsBreak
Technology
NewsBreak
Computers
NewsBreak
Software
TechRadar

This Android malware is so dangerous, even Google is worried

Google has confirmed reports of the existence of an extremely potent Android malware (opens in new tab), and notified victims that they’re being targeted. In a blog post (opens in new tab), Benoit Sevens, and Clement Lecigne of the company’s Threat Analysis Group said cybersecurity researchers from Lookout were right when they discovered, and warned users, of the existence of a dangerous Android virus (opens in new tab) called Hermit.
CELL PHONES
komando.com

Security tip: How to make sure no one can get into your phone remotely

Once our phones and PCs became connected, our digital lives became much more productive and accessible. They also became more dangerous since cybercriminals could now do double damage to your devices. Luckily, this guide will teach you how to stop hackers from accessing your phone. Remote access is a wildly...
CELL PHONES
TechCrunch

Google is notifying Android users targeted by Hermit government-grade spyware

Hermit is a commercial spyware known to be used by governments, with victims in Kazakhstan and Italy, according to Lookout and Google. Lookout says it’s also seen the spyware deployed in northern Syria. The spyware uses various modules, which it downloads from its command and control servers as they are needed, to collect call logs, record ambient audio, redirect phone calls and collect photos, messages, emails and the device’s precise location from a victim’s device. Lookout said in its analysis that Hermit, which works on all Android versions, also tries to root an infected Android device, granting the spyware even deeper access to the victim’s data.
SOFTWARE
TechRadar

Google is making another big play to steal you away from Microsoft 365

Google has announced a new feature for its productivity suite that could help lure customers away from Microsoft 365. As explained in its latest blog entry (opens in new tab), users will now benefit from the ability to edit Microsoft Office files from within Google Workspace (née G Suite) without the need for an internet connection.
BUSINESS
TechRadar

Best malware removal for 2022: paid and free services

The best malware removal software makes it simple and easy to remove viruses, trojans, and ransomware, as well as protect your computer from further infections. Installing the best antivirus (opens in new tab) software is up there with the best ways to safeguard against malware. However, if your machine has been infected, this guide will provide you with the best tools for getting rid of it.
CELL PHONES
Engadget

Google warns internet service providers helped distribute Hermit spyware

Google is warning of a sophisticated new spyware campaign that has seen malicious actors steal sensitive data from Android and iOS users in Italy and Kazakhstan. On Thursday, the company’s Threat Analysis Group (TAG) shared its findings on RCS Labs, a commercial spyware vendor based out of Italy. On...
INTERNET
knowtechie.com

How to change Gmail’s spam settings and customize the filter

Spam has become as certain as death and taxes, and email providers are in a constant war to keep our inboxes free of phishing attempts, malware, and unwanted clutter. That’s why understanding Gmail’s spam settings is important. While Gmail’s filter is good at sorting the junk from the...
INTERNET
TechRadar

Destroying your hard drive to protect your data

Data security is essential for all businesses. The Identity Theft Resource Center (ITRC) reports a 17% increase in data breaches from 2020 to 2021, with Dataprot stating that 59% of Americans have experienced some form of cybercrime. It is more important than ever for businesses to take steps to protect their data and destroy it to prevent potential breaches.
COMPUTERS
TechRadar

TechRadar

40K+
Followers
43K+
Post
5M+
Views
ABOUT

Its mix of genuine and reliable advice alongside entertaining and fun to read editorial content is why millions of people trust TechRadar to give them tech advice on everything from the latest smartphone releases to the best in digital cameras.

 http://www.techradar.com

Comments / 0

Community Policy