Security News > 2022 > February > Malicious CSV text files used to install BazarBackdoor malware
A new phishing campaign is using specially crafted CSV text files to infect users' devices with the BazarBackdoor malware.
A comma-separated values file is a text file containing lines of text with columns of data separated by commas.
Since a CSV is simply text with no executable code, many people consider these types of files harmless and may be more carefree when opening them.
Microsoft Excel supports a feature called Dynamic Data Exchange, which can be used to execute commands whose output is inputted into the open spreadsheet, including CSV files.
A new phishing campaign spotted by security researcher Chris Campbell is installing the BazarLoader/BazarBackdoor trojan through malicious CSV files.
Csv file is just a text file, with columns of data separated by commas, as seen below.