Pirated Microsoft Office delivers malware cocktail on systems (Security News, May 2024)

Cybercriminals are distributing a malware cocktail through cracked versions of Microsoft Office promoted on torrent sites.
The malware delivered to users includes remote access trojans, cryptocurrency miners, malware downloaders, proxy tools, and anti-AV programs.
The Base64 payloads hosted on those platforms contain PowerShell commands that introduce a range of malware strains to the system; the strains are unpacked using 7Zip.
The malware component 'Updater' registers tasks in the Windows Task Scheduler to ensure it persists between system reboots.
Because these files are not digitally signed and users are prepared to ignore antivirus warnings when running them, they are often used to infect systems with malware, in this case an entire set of it.