HackRead
  • January 22nd, 2021

Malware that infects users without needing to click anything

June 12th, 2017, by Jahanzaib Hassan, in Security, Malware

We have all heard of or seen malware that is embedded within malicious links. Usually, the user has to click the link for the malware to do its job. However, researchers at Trend Micro have recently uncovered malware that only needs you to hover your mouse over a link in order to execute.

Banking Trojan

According to the researchers, the malware is essentially a banking Trojan which automatically steals a victim's credentials and banking information once it is inside the user's system.

The researchers analyzed the Trojan and found it to be an OTLARD variant, otherwise known as Gootkit. This banking Trojan has been in circulation since 2012 and has evolved into a Trojan capable of remote access, network traffic monitoring and other similar tactics.

The Trojan can steal bank information and has done so in the past in a campaign that involved France. The perpetrators sent out files that appeared to be letters from the French Ministry of Justice.


How does it work?

The malware is activated after the victim hovers over a link in a PowerPoint file (PPS or PPSX) that is sent as an email attachment. Along with the PowerPoint file, the email contains other files such as an invoice and a purchase order.


When the victim opens the PowerPoint slide and hovers over a link in it, a pop-up appears in Microsoft Office. If the user chooses to run the associated file from that pop-up, the malware executes instantly.


However, this assumes that the user is running an older version of Microsoft Office. In the latest version, Microsoft Office initially opens files in Protected View, which prevents malicious code from getting into the system.

As such, the method relies heavily on adept social engineering to trick the user into opening the file and disabling Protected View before hovering over the link.

The technique of a mouse-hover may work effectively in corporate environments where Office files are regularly sent and received with employees paying little attention to what the file is. According to Trend Micro:

“The trick will not work in Microsoft PowerPoint Online or Office 365’s “web mode”, as these don’t provide the actions functionality that is present in offline/desktop versions. An Office 365 end user, however, can still be affected if he accesses his account and opens the malicious file through a client (PowerPoint locally installed in the machine).”


How to protect yourself?

One way of preventing the attack is to update your Microsoft Office version and use Protected View to read files. Also, given that the attack uses the medium of email, boosting email security is another way to protect yourself against these types of attacks.


HACKREAD is a News Platform that centers on InfoSec, Cyber Crime, Privacy, Surveillance and Hacking News with full-scale reviews on Social Media Platforms & Technology trends. Founded in 2011, HackRead is based in the United Kingdom.
