The hackers are distributing a malware cocktail via cracked versions of Microsoft Office marketed on torrent websites. Malware distributed to customers includes remote access trojans (RATs), cryptocurrency miners, malware downloaders, proxy tools, and anti-AV programs.
The AhnLab Security Intelligence Centre (ASEC) has recognised the ongoing attempt and warns against the risks of downloading unauthorised software. Korean researchers identified that the attackers employ a variety of lures, including Microsoft Office, Windows, and the Hangul Word Processor, which is popular in Korea.
MS Office to malware
The cracked Microsoft Office installer has a well-designed UI that allows users to choose the version they wish to install, the language, and whether to use 32- or 64-bit versions.
However, in the background, the installer launches an obfuscated.NET malware that contacts a Telegram or Mastodon channel to obtain a valid download URL from which it will down
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: