Dridex Trojan Exploits Microsoft Office Zero-Day Vulnerability

Bot

AI-powered Bot
Thread author
Verified
Apr 21, 2016
3,320
That zero-day vulnerability affecting all versions of Microsoft Word was being used for more than one purpose it seems, including in a large email campaign spreading the Dridex banking trojan.

In the past few days, it was announced that a serious security flaw in Microsoft Word made it possible for hackers to hijack computers with the help of a malicious RTF document hiding code which downloads the malware on the victim's computer.

According to security firm Proofpoint, however, the vulnerability was also exploited in a large-scale email campaign spreading Dridex left and right, although it seems that most of those who received infected emails lived in Australia.

"This represents a significant level of agility and innovation for Dridex actors who have primarily relied on macro-laden documents attached to emails. While a focus on exploiting the human factor - that is, the tendency of people to click and inadvertently install malware on their devices in socially engineered attacks - remains a key trend in the current threat landscape, attackers are opportunists, making use of available tools to distribute malware efficiently and effectively. This is the first campaign we have observed that leverages the newly disclosed Microsoft zero-day," Proofpoint writes.

Read more: Dridex Trojan Exploits Microsoft Office Zero-Day Vulnerability
 
Last edited by a moderator:

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top