Hackers have been taking advantage of the Word macro, the small pieces of code are injected into documents to automate certain tasks, to hide malware within the documents that, when opened, infect users; according to information security professionals.
It is increasingly difficult to infect with malware through the Office macro, however, hackers have found a new technique to attack computers with Word documents without using Macros.
Recently, cyber security experts have detected a new SPAM campaign that distributes a series of malicious Word documents in order to infect users’ computers. At first it seemed that the documents used the classic Word macros, when analyzing them it was discovered that they use a new technique even to carry out the attacks.
Hackers take advantage of the CVE-2017-11882 vulnerability, a security flaw in the Office equation editor that allows code to be executed in the system.
As per investigation by a firm specialized in information security, now the hackers send a DOCX document via e-mail, a document that seems harmless but, when it is executed, loads an embedded OLE object that downloads and opens an RTF document which is used to exploit the vulnerability, which executes a series of commands that finally download a VisualBasic script that, when executed, infects our system with a malware that steals our passwords and sends them to a remote server controlled by hackers.
Microsoft in the security patches of January 2018 included a patch to mitigate the vulnerability, so if we have our system updated we will not have to worry about.
Working as a cyber security solutions architect, Alisa focuses on bug bounty and network security. Before joining us she held a cyber security researcher positions within a variety of cyber security start-ups. She also experience in different industry domains like finance, healthcare and consumer products.