Security News > 2024 > May > Pirated Microsoft Office delivers malware cocktail on systems
Cybercriminals are distributing a malware cocktail through cracked versions of Microsoft Office promoted on torrent sites.
The malware delivered to users includes remote access trojans, cryptocurrency miners, malware downloaders, proxy tools, and anti-AV programs.
The base64 payloads hosted on those platforms contain PowerShell commands that introduce a range of malware strains to the system, unpacked using 7Zip.
The malware component 'Updater' registers tasks in the Windows Task Scheduler to ensure it persists between system reboots.
As these files are not digitally signed and users are prepared to ignore antivirus warnings when running them, they are often used to infect systems with malware, in this case, an entire set.
Police seize over 100 malware loader servers, arrest four cybercriminals.
News URL
Related news
- Microsoft fixes Office 365 apps crashing on Windows Server systems (source)
- Microsoft 365 apps crash on Windows Server after Office update (source)
- Microsoft ends support for Office apps on Windows 10 in October (source)
- New Microsoft script updates Windows media with bootkit malware fixes (source)
- Microsoft says attackers use exposed ASP.NET keys to deploy malware (source)
- FINALDRAFT Malware Exploits Microsoft Graph API for Espionage on Windows and Linux (source)
- Microsoft spots XCSSET macOS malware variant used for crypto theft (source)
- Microsoft Uncovers New XCSSET macOS Malware Variant with Advanced Obfuscation Tactics (source)