Pirated Microsoft Office delivers malware cocktail on systems
Cybercriminals are distributing a malware cocktail through cracked versions of Microsoft Office promoted on torrent sites.
The malware delivered to users includes remote access trojans, cryptocurrency miners, malware downloaders, proxy tools, and anti-AV programs.
The base64 payloads hosted on those platforms contain PowerShell commands that introduce a range of malware strains to the system; the strains are unpacked using 7-Zip.
The malware component 'Updater' registers tasks in the Windows Task Scheduler to ensure it persists between system reboots.
Because these files are not digitally signed and users are prepared to ignore antivirus warnings when running them, they are often used to infect systems with malware, in this case an entire set of it.