Software and hardware giant Microsoft is warning about a new phishing campaign that uses malware-infected Excel files attached to emails related to COVID-19. The company’s security division has been tracking such campaigns, which can give attackers remote access to a PC if the recipient opens the attachment.
Microsoft said the COVID-19-themed campaign started on May 12 and has already used several hundred unique attachments.
The emails sent as part of the attack claim to come from the Johns Hopkins Center and carry the title “WHO COVID-19 SITUATION REPORT”. If the recipient opens the attached Excel file, they see a graph of coronavirus cases in the US. If they allow the macro to run, the Excel 4.0 macro also downloads and runs NetSupport Manager. This tool lets attackers gain remote access to the PC and run commands to take control of it.
While NetSupport Manager is a legitimate remote access tool, it’s known for being abused by attackers to gain remote access to – and run commands on – compromised machines, Microsoft said.
“For several months now, we’ve been seeing a steady increase in the use of malicious Excel 4.0 macros in malware campaigns. In April, these Excel 4.0 campaigns jumped on the bandwagon and started using COVID-19 themed lures,” Microsoft’s Security Intelligence pointed out in a series of tweets.
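For defenders triaging attachments like the ones described above, the following added example (not from Microsoft or the original article) flags Excel 4.0 macro sheets inside an OOXML workbook before anyone opens it. It assumes the attachment is a ZIP-based workbook; legacy `.xls` files need an OLE2 parser instead, and the hidden-sheet check is an extra signal the article does not mention. The function names and the sample package are constructed for illustration.

```python
import io
import zipfile
import xml.etree.ElementTree as ET

CT_NS = "{http://schemas.openxmlformats.org/package/2006/content-types}"
SS_NS = "{http://schemas.openxmlformats.org/spreadsheetml/2006/main}"
MACROSHEET_CT = "application/vnd.ms-excel.macrosheet+xml"

def triage_workbook(data: bytes) -> dict:
    """Flag Excel 4.0 macro sheets and hidden sheets in an OOXML attachment."""
    report = {"ooxml": False, "macrosheets": [], "hidden_sheets": []}
    if not zipfile.is_zipfile(io.BytesIO(data)):
        return report  # legacy .xls (OLE2) or other format: not covered here
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        names = zf.namelist()
        if "[Content_Types].xml" not in names:
            return report
        report["ooxml"] = True
        # Untrusted XML: in production use a hardened parser such as defusedxml.
        types = ET.fromstring(zf.read("[Content_Types].xml"))
        declared = {o.get("PartName", "").lstrip("/") for o in types.iter(CT_NS + "Override")
                    if o.get("ContentType") == MACROSHEET_CT}
        # Also catch parts stored under xl/macrosheets/ without a matching declaration.
        stored = {n for n in names if n.lower().startswith("xl/macrosheets/")
                  and "/_rels/" not in n}
        report["macrosheets"] = sorted(declared | stored)
        if "xl/workbook.xml" in names:
            wb = ET.fromstring(zf.read("xl/workbook.xml"))
            report["hidden_sheets"] = [s.get("name") for s in wb.iter(SS_NS + "sheet")
                                       if s.get("state") in ("hidden", "veryHidden")]
    return report

def build_sample(with_macro: bool) -> bytes:
    """Constructed minimal package (not a real sample) for exercising the check."""
    ct = ('<Types xmlns="http://schemas.openxmlformats.org/package/2006/content-types">'
          + ('<Override PartName="/xl/macrosheets/sheet1.xml" ContentType="%s"/>' % MACROSHEET_CT
             if with_macro else "") + "</Types>")
    state = ' state="veryHidden"' if with_macro else ""
    wb = ('<workbook xmlns="http://schemas.openxmlformats.org/spreadsheetml/2006/main"><sheets>'
          '<sheet name="Report" sheetId="1"/><sheet name="Sheet2" sheetId="2"%s/>'
          "</sheets></workbook>" % state)
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("[Content_Types].xml", ct)
        zf.writestr("xl/workbook.xml", wb)
        if with_macro:
            zf.writestr("xl/macrosheets/sheet1.xml", "<macrosheet/>")
    return buf.getvalue()

if __name__ == "__main__":
    for label, blob in (("benign", build_sample(False)), ("macro", build_sample(True))):
        print(label, triage_workbook(blob))
```

A non-empty `macrosheets` list on an unsolicited attachment is a reason to quarantine the message for analysis rather than deliver it.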
COVID-19-related campaigns have become attackers’ prime means of getting users’ attention over the past few months. Various security agencies have already talked about the number of COVID-related URLs registered in the past few weeks, which are used to target people whose machines are left unsecured.
Hackers and cybercriminals have found a way to exploit panic-stricken people around the globe by stealing their sensitive personal information. It’s obvious that avoiding such tactics requires the person to be vigilant and to always check the sender of an email before opening any attachments.