Malware News Pirated Microsoft Office delivers malware cocktail on systems

vtqhtr413

Level 27
Thread author
Well-known
Aug 17, 2017
1,609
Cybercriminals are distributing a malware cocktail through cracked versions of Microsoft Office promoted on torrent sites.

The malware delivered to users includes remote access trojans (RATs), cryptocurrency miners, malware downloaders, proxy tools, and anti-AV programs.

AhnLab Security Intelligence Center (ASEC) has identified the ongoing campaign and warns about the risks of downloading pirated software.

The Korean researchers discovered that the attackers use multiple lures, including Microsoft Office, Windows, and the Hangul Word Processor, which is popular in Korea.

The cracked Microsoft Office installer features a well-crafted interface, letting users select the version they want to install, the language, and whether to use 32 or 64-bit variants.
 

Marko :)

Level 23
Verified
Top Poster
Well-known
Aug 12, 2015
1,216
Why? Why would someone use a cracked office? I would understand it a decade ago, but there are so many free alternatives now like FreeOffice, LibreOffice, WPS, even MS365 Free. 🤦‍♂️
I mean, I see the reason why—it's literally the standard when it comes to office software. None of the alternatives come close in terms of compatibility, sadly, and I tried them all.

And while I can see the reason why would someone pirate Microsoft Office, I don't understand why would anyone download the installation file from anywhere else other than Microsoft's website. Especially when Microsoft left the loophole intentionally by which you can activate, both Windows and Office for free.
 
Last edited:

JustInTime

Level 2
Feb 21, 2022
58
I mean, I see the reason why—it's literally the standard when it comes to office software. None of the alternatives come close in terms of compatibility, sadly, and I tried them all.

And while I can see the reason why would someone pirate Microsoft Office, I don't understand why would anyone download the installation file from anywhere else other than Microsoft's website. Especially when Microsoft left the loophole intentionally by which you can activate, both Windows and Office for free.
M$ tried to patch HWID activation method but couldn't activated license of customers because their own license activation system sucks so they aren't even trying anymore.
Microsoft support 'cracks' Windows for customer after activation fails reported on BleepingComputer last year.
 

Marko :)

Level 23
Verified
Top Poster
Well-known
Aug 12, 2015
1,216
M$ tried to patch HWID activation method but couldn't activated license of customers because their own license activation system sucks so they aren't even trying anymore.
Microsoft support 'cracks' Windows for customer after activation fails reported on BleepingComputer last year.
They could totally patch this loophole, but they just don't want to. Remember: MAS is hosted directly on GitHub (a platform owned by Microsoft) for years and they just refuse to take the repository down. Article you linked even confirms that the same tool is used by Microsoft employees themselves, so they consider the tool to be useful.

So why doesn't Microsoft want to patch the loophole and shut down MAS? Because;
  1. They earn more money this way than ever before. Before Windows 10, you'd pay for Windows once (if you paid for it at all) and that's all the money Microsoft got from you. Now, they have a constant money flow because of ads, sponsored apps installed and data collection. They monetize it all. Companies like to pay for advertising, let alone their apps coming preinstalled on every copy of Windows.
  2. Most of Microsoft revenue now comes from Azure and their other services for companies. Private users, Windows and Office are just tiny chunk of that.
  3. Returning back to the old activation method would only chase the users away and make a loss of revenue. And they obviously don't want that.
I'd also like to mention that I wouldn't call MAS cracking tool. It's just an collection of activation script using Microsoft's own methods for doing the same. Software cracking is tampering with original code of software, either by removing or adding new lines of code in other to bypass activation system. MAS isn't doing any of that. Cracking tools are entirely closed source because their developers don't want product developers to know how they bypassed their activation system, and so they can hide malware. MAS is entirely open source and well documented.
 
Last edited:

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top