Cybercriminals have turned the SourceForge platform into a tool for spreading trojanized Microsoft Office installers that carry hidden mining programs and steal cryptocurrency and personal data.

Kaspersky Lab researchers have reported a new campaign targeting users of Microsoft office applications. Its main goals are the theft of cryptocurrency assets, hidden mining on victims' devices and the compromise of personal data.

According to the researchers, the attackers created a fake OfficePackage project on SourceForge, disguised as add-ons for office applications.


The main platform for attacking victims was the automatically generated subdomain OfficePackage.Sourceforge.io, which is well indexed by search engines, including Yandex.


After following the link, users see a fake list of office applications with download buttons, which actually start an infection with malicious software.


The scheme works through a redirection chain: after downloading a ZIP archive, users get a 700 MB installer, which installs cryptominers and the ClipBanker program for intercepting cryptocurrency transactions. The malware uses hidden scripts, checks for the presence of antivirus software and sends data about the system to a Telegram bot.

From January to March, Kaspersky experts recorded more than 4600 attacks, 90% of which occurred in Russia.

Earlier, Kaspersky experts reported a threat to owners of Android smartphones: a modified version of the Triada virus. Triada was first detected in 2016 but continues to evolve, becoming ever more stealthy and dangerous, Kaspersky Lab specialists warned.