Hackers are taking advantage of all the facilities which is giving the vulnerability a product of the pandemic coronavirus, and with messages disguised as information, are carrying out multiple internet scams.
One of the latest detected is an attack of phishing that is being made with an attached file of Excel that is sent to the emails of the users.
Microsoft detected the situation and warned that “los e-mails that are sent claiming to come from the Johns Hopkins Center with the title “STATUS REPORT OF THE COVID-19 OF THE WHO”. If the recipient tries to open the Excel files attached, will open with a security warning and will display a graph of suspected cases of coronavirus in the USA, pero if it is allowed to run, the macro malicious Excel 4.0 also download and run the NetSupport Manager”.
While NetSupport Manager is a legitimate tool of remote access, is known to be abused by attackers to obtain remote access and execute commands on compromised machines, said Microsoft.
We’re tracking a massive campaign that delivers the legitimate remote access tool NetSupport Manager using emails with attachments containing malicious Excel 4.0 macros. The COVID-19 themed campaign started on May 12 and has so far used several hundreds of unique attachments. pic.twitter.com/kwxOA0pfXH
— Microsoft’s Security Intelligence (@MsftSecIntel) May 18, 2020
“For several months, we have seen a steady increase in the use of macros malicious Excel 4.0 in campaigns of malware. In April, these campaigns Excel 4.0 jumped on the bandwagon and started to use lures thematic COVID-19”, noted the security team of the company founded by Bill Gates.
Microsoft also added about this phishing attack, “what‘s hundreds of Excel files only in this campaign use formulas highly obfuscated, but all connect to the same URL to download the payload. NetSupport Manager is known for being abused by attackers to obtain remote access and execute commands on compromised machines”.
On the other hand, the software company stated, “Microsoft is processed miles of millions of signals every day via identities, end point, cloud, applications, and e-mail, providing visibility in a wide range of attacks, with the theme COVID-19, which allows us to detect them, protect them and respond to them across our entire stack-up”.
So be careful with file attachments in Excel format or in any format that you may have a strange name and who has a relationship with the coronavirus.
Recommendations of the editor