electrostatic experts “Kaspersky Lab” found in MS Office methadonemaintenance function, which allows attackers to collect data about the target system by simply sending the victim a specially formed Microsoft Word document, with no active content: VBA macros, embedded Flash objects or executables. A function present in Microsoft Word for Windows and mobile versions of Microsoft Office for iOS and Android. LibreOffice and OpenOffice don’t support it.
According to the researchers, the functionality is already being exploited by hackers in the framework of multi-stage attacks Freakyshelly, the first stage which involves the collection of data on the target system. The study of this attack, the experts detected phishing newsletters that contained some interesting attachments as files in OLE2 format, which did not contain any macros, no exploits, or any other active content. Upon closer inspection, it turned out that the file included a number of links to PHP scripts located on external websites. When you try to open files in MS Word, the application can send a GET request on one of the links, as a result, attackers obtained the data about the installed system software.
The analysis of the document revealed the INCLUDEPICTURE field, stating that certain text is tied to the picture, however, the attacker used it to place suspicious links. The problem is that Microsoft documentation for a description of the INCLUDEPICTURE field is practically absent. In the ECMA-376 standard describes only part of the INCLUDEPICTURE field to one byte delimiter and there is no information on how to interpret the data after it, and how to interpret, experts said.
© 2017 – 2019, paradox. All rights reserved.
The man who critically injured Slovak Prime Minister Robert Fico on Wednesday was a fierce…
The Asia-Pacific region should be free of military blocs because of their potential to undermine…
Russian President Vladimir Putin was welcomed with an honor guard after his plane touched down…
Russian President Vladimir Putin has set the stage for his state visit to China by…
С каждым днем онлайн-казино становятся все более популярными среди азартных игроков. И это вполне логично:…
Russian President Vladimir Putin has officially appointed Andrey Belousov as the new minister of defense.Belousov,…