Phishing emails with malicious attachments made in Microsoft OneNote are now being used by cybercriminals to distribute malware. Victims are infected with remote access malware, which can be used to install different software, steal passwords, and even steal cryptocurrency wallets.
According to Bleeping Computer, for many years now, cybercriminals have been spreading malware through emails by means of infected Word and Excel files that start macros to download and install additional malware.
However, in July of last year, Microsoft disabled macros by default in Office documents. This rendered this method unreliable for the distribution of malware.
According to the findings of the investigation, threat actors swiftly began using new file formats after they had quickly begun using new file formats. These new file formats included password-protected ZIP files and ISO images.
Hackers Now Spreading Malware via Microsoft OneNote
Desktop users can have access to the digital notebook program known as Microsoft OneNote by either downloading it from the Microsoft website for free or subscribing to either Microsoft Office 2019 or Microsoft 365. Both of these options are available to desktop users.
Even if a Windows user does not use the application, Microsoft OneNote is still available to open the file format because it is installed by default in all Microsoft Office/365 installations. This means that even if the user does not use the application, it is still available to open the file format. This is the case regardless of whether or not Microsoft Office 365 was installed.
Trustwave SpiderLabs has been issuing alerts about threat actors who have been sending malicious spam emails with OneNote attachments as the target since the middle of December. These malicious spam emails, copies of which were obtained by BleepingComputer, look to be DHL delivery alerts, invoices, ACH remittance forms, mechanical drawings, and shipment documents. BleepingComputer discovered copies of these malicious spam emails.
Also Read
- Roaming Mantis Spreading Android Malware In European Countries
- Data from KFC, Taco Bell, & Pizza Hut Got Stolen In Ransomware Attack
- Microsoft Investigates Bug Behind Unresponsive Windows Start Menu
- Microsoft starts testing tabs in Notepad for Windows 11
- Microsoft Ending Support for Windows 7 & Windows 8 Versions
- Windows Error Reporting Tool Utilized By Hackers To Distribute Malware
