Sigh. Security researchers at Microsoft have unearthed what they say is a massive phishing campaign to infect PCs with malware under the guise of providing current statistics related to COVID-19.
You know, just some terrible people trying to make a quick buck off of the coronavirus pandemic.
According to the details provided, the company has seen a steady increase in unsolicited email attachments that contain malicious Excel 4.0 macros. Apparently, the latest campaign only started around a week ago, but already has so far used several hundred unique attachments.
This is what it looks:
And this is how it rolls:
“The emails purport to come from Johns Hopkins Center bearing ‘WHO COVID-19 SITUATION REPORT’. The Excel files open w/ security warning & show a graph of supposed coronavirus cases in the US. If allowed to run, the malicious Excel 4.0 macro downloads & runs NetSupport Manager RAT.”
Apparently, the number of malicious Excel 4.0 macros was already on the rise, according to Microsoft. But the advent of the COVID-19 meant that cybercriminals started to use it as a bait to lure in their victims.
Now we have hundreds of these macros being used out in the wild for this phishing campaign, and they all connect to the same URL that delivers a viral payload to PCs. Once infected, the attacker gains remote access to run commands on the comprised system, and install even more malware.
Rather meta, when you consider that these shady people are using the virus to deploy their own virus!
Then again, threats like these were to be expected Even forewarned.
There’s all manner of malware now running amok, masquerading as COVID-19 information, including one that can make a PC unbootable by overriding the master boot record. Now would be a good time to be on the lookout for these types of threats.
Smart computing goes a long way here.