- Apr 21, 2016
That zero-day vulnerability affecting all versions of Microsoft Word was being used for more than one purpose, it seems, including in a large email campaign spreading the Dridex banking trojan.
In the past few days, it was announced that a serious security flaw in Microsoft Word made it possible for hackers to hijack computers with the help of a malicious RTF document hiding code which downloads the malware on the victim's computer.
According to security firm Proofpoint, however, the vulnerability was also exploited in a large-scale email campaign spreading Dridex left and right, although it seems that most of those who received infected emails lived in Australia.
"This represents a significant level of agility and innovation for Dridex actors who have primarily relied on macro-laden documents attached to emails. While a focus on exploiting the human factor - that is, the tendency of people to click and inadvertently install malware on their devices in socially engineered attacks - remains a key trend in the current threat landscape, attackers are opportunists, making use of available tools to distribute malware efficiently and effectively. This is the first campaign we have observed that leverages the newly disclosed Microsoft zero-day," Proofpoint writes.
Read more: Dridex Trojan Exploits Microsoft Office Zero-Day Vulnerability