Cybercriminals are updating their tactics when it comes to using malicious attached Microsoft Word and Excel documents to not only fool the human recipients, but a device’s security software.
An increase in the number of Excel spreadsheets being used to deliver the LimeRAT remote access trojan using the VelvetSweatshop default password has been tracked by Mimecast. At the same time Securonix has spotted ransomware being spread using weaponized COVID-19/coronavirus-related documents and emails with the intention of disrupting critical healthcare and other businesses’ operations.
Combining LimeRAT with VelvetSweatshop is a particularly unwelcome and powerful technique as it enables the malicious document to appear legitimate to the receiving system by using encryption, Mimecast reported The threat actors are taking advantage of an existing Excel security measure that enables a spreadsheet to be password protected, essentially encrypted, requiring the recipient have the password.
This threat was uncovered by Mimecast Threat Center’s Doron Attias and Tal Dery.
Unfortunately, there is a flaw in the Excel system that can bypass the need for a password to be input that can let a malicious document slip i ..
Support the originator by clicking the read the rest link below.
