Microsoft has sounded the alarm about a dangerous new strain of malware that can steal your account login details, duplicate anything you’ve copied on your computer, and spy through your webcam. The malware is being distributed with dodgy PDFs, which are attached to emails that are sent out to unsuspecting PC owners.
Trying to open the PDF is enough to kickstart the attack. Double-clicking on the fake file will “download a malicious VBScript, which drops the RAT payload,” Microsoft cautions. RAT stands for Remote Access Trojan, a name inspired by the military tactic used by the Greeks: seemingly safe files are laced with malware as a way to sneak it onto victims’ computers.
According to the research by Microsoft, attackers are currently spoofing legitimate organisations in the aviation, travel, or cargo industries to trick email users into launching the malware-laced PDF.
This type of RAT is designed to steal a myriad of information: login credentials, including usernames and passwords for your online accounts; anything that has been stored in the clipboard (the tool that enables you to copy-and-paste text, images, apps, and more across the operating system); and images from your webcam. If these stolen details don’t directly allow the cybercriminals to earn a profit (a password to your online banking is a pretty quick way to make a buck or two), then the data can be used to blackmail users into paying up.
A number of recent scams have seen users blackmailed by bad actors who claim to have access to stolen pictures from their webcam. If the victim doesn’t pay up, the hackers threaten to send the offending images to friends, family and colleagues, whom they know thanks to stolen access to the victim’s social media accounts.
It’s gruesome stuff, but unfortunately, these types of cyber attacks are becoming more common.
Worse still, you don’t even have to download the problematic PDF yourself to fall victim to this type of attack. As Microsoft warns, it can take only one person in a sprawling multinational company falling foul of this scam for the malware to spread across the business’s entire IT network. So, you could be working at home, blissfully unaware that one of your colleagues has fallen for the scam, while hackers already have access to your webcam.
Some security experts have speculated that a dodgy email with a malicious file attached was how hackers managed to blackmail the CEO of the Colonial Pipeline in the United States into paying $4.4 million to regain access to the company’s internal IT network. That shows the scale of the attacks possible with this type of technique.
Ensuring that you use a uniquely generated password for every online account is a good way to shield yourself. That way, should hackers gain access to one of your login credentials, they won’t be able to use the same email-password combination to unlock every single account in your name. Never download any unsolicited files that you’re not sure about. And don’t be afraid to talk to your IT team if you’re suspicious of something.
If you’re running Windows 10, Microsoft has included an application called Windows Sandbox. This creates a standalone, virtual version of Windows 10 that’s separated from your files, applications, and data. Launching this app, pasting the file you’re concerned about onto the blank desktop, and opening it within Windows Sandbox can be a good way to vet a dodgy file.
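A Windows Sandbox configuration (.wsb) file can tighten that vetting session against the clipboard, webcam and downloader behaviour described above. This is an added example, not taken from Microsoft's warning or the original article; it brings the suspect file in through a read-only mapped folder rather than by pasting it, and the file name and the host folder `C:\Quarantine` are hypothetical.

```xml
<!-- vet-attachment.wsb (hypothetical file name): double-click it to start
     a throwaway Windows Sandbox session with the settings below. -->
<Configuration>
  <!-- No network: a script launched by the file cannot download a
       payload, and nothing inside the sandbox can be sent out. -->
  <Networking>Disable</Networking>

  <!-- The host clipboard is not shared with the sandbox, so text copied
       on the real desktop (passwords, for instance) is not readable
       inside. This also means the file cannot be pasted in; it arrives
       through the mapped folder below instead. -->
  <ClipboardRedirection>Disable</ClipboardRedirection>

  <!-- The host webcam and microphone are not exposed to the sandbox. -->
  <VideoInput>Disable</VideoInput>
  <AudioInput>Disable</AudioInput>

  <!-- Further reduce what the sandbox shares with the host. -->
  <PrinterRedirection>Disable</PrinterRedirection>
  <VGpu>Disable</VGpu>

  <MappedFolders>
    <MappedFolder>
      <!-- Assumption: the suspect attachment was saved, unopened, to
           this dedicated host folder that holds nothing else. -->
      <HostFolder>C:\Quarantine</HostFolder>
      <SandboxFolder>C:\Users\WDAGUtilityAccount\Desktop\Quarantine</SandboxFolder>
      <!-- Read-only: nothing running in the sandbox can modify or add
           files on the host side. -->
      <ReadOnly>true</ReadOnly>
    </MappedFolder>
  </MappedFolders>
</Configuration>
```

Closing the sandbox window discards everything inside it; the mapped folder is the only host content the session could see.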
Published at Fri, 21 May 2021 08:39:00 +0000