Security News > 2024 > May > Pirated Microsoft Office delivers malware cocktail on systems
Cybercriminals are distributing a malware cocktail through cracked versions of Microsoft Office promoted on torrent sites.
The malware delivered to users includes remote access trojans, cryptocurrency miners, malware downloaders, proxy tools, and anti-AV programs.
The base64 payloads hosted on those platforms contain PowerShell commands that introduce a range of malware strains to the system, unpacked using 7Zip.
The malware component 'Updater' registers tasks in the Windows Task Scheduler to ensure it persists between system reboots.
As these files are not digitally signed and users are prepared to ignore antivirus warnings when running them, they are often used to infect systems with malware, in this case, an entire set.
Police seize over 100 malware loader servers, arrest four cybercriminals.
News URL
Related news
- New Latrodectus malware attacks use Microsoft, Cloudflare themes (source)
- Hackers Increasingly Abusing Microsoft Graph API for Stealthy Malware Communications (source)
- Microsoft fixes Windows zero-day exploited in QakBot malware attacks (source)
- New Cross-Platform Malware 'Noodle RAT' Targets Windows and Linux Systems (source)