The Sri Lanka Computer Emergency Response Team (CERT) has warned of cyber attacks on users of Microsoft office.
CERT said that with the COVID-19 crisis, cybercriminals are busy scamming and delivering malware using the attention-getting virus as a lure.
According to the United States Secret Service (USSS) advisory, attackers are using a two decade old Microsoft Office memory corruption vulnerability (CVE-2017-11882), for which Microsoft released a security patch in November 2017.
An attacker will send a phishing email disguised as coming from a hospital. The e-mail contains a malware infected attachment mostly Microsoft office related documents such as excel file, word document, etc. Malware get active when the victim opens the e-mail attachment.
Malware is capable of stealing credentials, open shares on networks and view all files and folders as well as discover and take cryptographic information.
There are chances that the attacker could send an email with .EXE file disguised as a PDF file fooling the recipients into believing that they were opening a PDF file containing list of needed supplies.
If attacked users risk losing control of the Windows PC, hackers can steal credentials and personal information, if the same password is used on other applications or computers in the same network, all of the devices can get compromised and malware infections are possible of ransomware viruses.
The public have been urged to update their Microsoft Office package, update the operating system with the latest security patch, never open email attachments unless you know the sender and refrain from clicking unknown links. (Colombo Gazette)