Word and Excel were once hackers’ favorite apps for distributing malicious software to duped victims who were tricked into downloading email attachments, but Microsoft blocked the exploit in July.
But it seems that hackers have found another Microsoft platform to distribute malware.
According to BleepingComputer, threat actors are now using Microsoft OneNote to remotely control victims’ PCs, allowing them to install more malware, breach cryptocurrency wallets, steal passwords and even take screenshots and access your webcam.
How Hackers Are Using Microsoft OneNote To Wreak Havoc On PCs
On the plus side, in order to be a victim of a OneNote-propelled attack, you’d need to fall for a phishing email campaign.
And we’d hope that the egregious spelling errors, suspicious-looking email address, and poor mimicking of an official company would deter you from falling for it, but alas, hackers seem to snag a few victims into their web nonetheless.
During BleepingComputer’s investigation, it found that cybercriminals masked their ill-intentioned, malware-infested emails as official DHL correspondence.
The emails attempted to fool recipients into thinking they were getting DHL invoices, shipping documents, notifications, and more.
Once a victim clicks on the OneNote attachment, the information is blurred. There’s an overlay that says, “Double Click to View File.” If the quarry follows the instruction, chaos ensues.
According to BleepingComputer, threat actors are embedding malicious VBS attachments in the OneNote file; when double-clicked, the attachment automatically launches a script that downloads malware from a remote site and installs it.
Remote-access trojans will then take over the computer, allowing hackers to steal victims’ files, breach cryptocurrency wallets, and snatch browser passwords. In some cases, cybercriminals can even take screenshots and take control of users’ webcams.
How To Protect Yourself
Good news! If you attempt to download a malicious attachment, according to BleepingComputer, you should get a warning from Windows informing you that the document may be harmful.
However, users often ignore this pop-up message and download it anyway. Don’t be that person.
But you shouldn’t get that far, really, because you should refrain from opening emails and attachments from unknown sources. Plus, phishing emails are typically easy to spot.
As mentioned, poor grammar, spelling errors, waywardly placed logos, and other fishy elements should make spotting malicious emails a piece of cake.
If you feel it may be a legitimate email, share it with a security or Windows admin to help you verify if the file is safe.
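For the admin doing that verification, the sketch below is an added example (not from BleepingComputer or Microsoft) that lists files embedded in a OneNote `.one` attachment without opening it and flags ones containing script text such as VBS. It assumes the FileDataStoreObject layout from Microsoft's MS-ONESTORE specification; the marker list, function names and sample bytes are constructed for illustration.

```python
import re
import struct
import uuid

# Header GUID that precedes every embedded file (FileDataStoreObject, MS-ONESTORE).
FDSO_HEADER = uuid.UUID("BDE316E7-2665-4511-A4C4-8D4D0B7A9EAC").bytes_le
# Assumed heuristic markers for script content; tune for your environment.
MARKER_RE = re.compile(rb"createobject|wscript\.shell|powershell", re.IGNORECASE)


def embedded_files(data):
    """Yield (offset, payload) for each embedded file object in raw .one bytes."""
    pos = data.find(FDSO_HEADER)
    while pos != -1:
        start = pos + 16
        if start + 20 <= len(data):
            (length,) = struct.unpack_from("<Q", data, start)  # cbLength
            body = start + 20  # skip cbLength(8) + unused(4) + reserved(8)
            if length <= len(data) - body:  # ignore truncated or bogus lengths
                yield pos, data[body:body + length]
        pos = data.find(FDSO_HEADER, pos + 16)


def triage(data):
    """Return one finding per embedded file, with any script markers seen."""
    findings = []
    for offset, payload in embedded_files(data):
        # Script text may be ASCII or UTF-16LE; dropping NULs covers both.
        text = payload.replace(b"\x00", b"")
        hits = sorted({m.group(0).lower().decode() for m in MARKER_RE.finditer(text)})
        findings.append({"offset": offset, "size": len(payload), "markers": hits})
    return findings


def build_sample(payloads):
    """Constructed test input: embedded-object records only, not a real notebook."""
    out = b"\x00" * 32
    for p in payloads:
        out += FDSO_HEADER + struct.pack("<QIQ", len(p), 0, 0) + p
        out += b"\x00" * (-len(p) % 8)  # pad to 8-byte boundary
    return out


# Constructed sample: one image-like blob and one harmless VBS line.
SAMPLE = build_sample([b"\x89PNG\r\n\x1a\n" + b"\x00" * 16,
                       b'Set s = CreateObject("WScript.Shell")\r\n'])

if __name__ == "__main__":
    for f in triage(SAMPLE):
        verdict = "SUSPICIOUS" if f["markers"] else "ok"
        print(f"offset={f['offset']} size={f['size']} {verdict} {f['markers']}")
```

An embedded object with script markers in a notebook that arrived by email is a strong reason to quarantine the message; an empty marker list is not proof the file is safe.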