CySecurity News – Latest Information Security and Hacking Incidents
Recently a unit of researchers delivered a detailed study on a new phishing campaign at HP Wolf Security. As per the report, threat actors are exploiting Microsoft Excel add-in files in order to send various forms of malware into the systems that could leave businesses vulnerable to data theft, ransomware, and other cybercrime.
Researchers said that threat actors are excessively using malicious Microsoft Excel add-in (XLL) files to damage the systems and it has been observed that there was an almost six-fold (588%) increment in attacks using this technique during the final quarter of 2021 compared to the previous three months.
XLL add-in files are very famous among people because they provide users to execute a wide range of extra tools and functions in Microsoft Excel. But like macros, they’re a tool that can be exploited by threat actors.
According to the report, threat actors distributed malicious links via phishing emails related to payment references, quotes, invoices, shipping documents, and orders that come with malicious Excel documents with XLL add-in files. The recipient is then tricked into clicking a malicious link, which can lead to the installation and activate the add-in of malware, freezing of the system as part of a ransomware attack, or the revelation of sensitive information.
Malware families that have been used in attacks leveraging XLL files include Dridex, BazaLoader, IcedID,
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
Read the original article: