Security News > 2023 > February > OneNote documents spread malware in several countries

Some other cybercriminals have found a different way to keep abusing Microsoft products for infecting computers with malware: infected OneNote documents.

A new Bitdefender study exposes a phishing campaign abusing OneNote to infect computers with malware.

In the end, users opening the OneNote documents were infected with AsyncRAT, which Bitdefender describes as "a nifty remote access tool designed to stealthily let an attacker infiltrate the devices of the target victim's device."

Several infected machines can be handled in the same interface.

December 2022, Trustwave also reported phishing attack campaigns, this time delivering the Formbook malware, a spread information stealer capable of stealing passwords, taking screen captures, executing code and more.

Malicious OneNote files mostly make use of attached files inside the document.

News URL

https://www.techrepublic.com/article/onenote-documents-spread-malware/