According to Microsoft, they have around 1.2 billion office users and 60 million Office 365 commercial customers. To maintain its users, they give regular updates and fix the bugs it they have any in MS Office. Recently they have added a new feature in Microsoft Word, which is an online video feature. Using this feature, you can include a remote video in Word document without embedding thus making the document size less. But nowadays hackers are using this feature wrongly as this feature allows hackers to veil cryptojacking script in Microsoft Word documents to secretly bargain Monero from users.
How Can Hackers Secretly Enter Your Computer?
As we have mentioned above, hackers use Microsoft Word documents to distribute cryptocurrency mining scripts to capture user’s Computer for mining Monero. They use Microsoft’s new feature to hijack the CPU of users Computer.
Let’s see how a hijacker can use this new feature of Microsoft.
This new feature permits a user to simply paste the iframe embed code in a Word document to add an Internet video. To insert an HTML code into a document it must be running in the background as MS Word is skilled for phrasing code. As per the Votiro, image should be a type of CT WebVideoPr as it supports embedded HTML code.
<wp15:webVideoPrxmlns:wp15=”http://schemas.microsoft.com/office/word/2012/wordprocessingDrawing” embeddedHtml=”<marquee> What? </marquee>”/>
This frame is an encapsulated iexplore.exe process, attained by using the: ieproxy!CWebBrowserHandler_CreateInstanceWrapper method (of ieproxy!CWebBrowserHandler class).
Above HTML performed only basic process, however it poses several security risks, which we would like to share it with you.
Also Read: HTTPS: More Secure More Reliable Way to Surf Over Internet
Hackers Use Internet Explorer for Cryptocurrency Mining
Cryptocurrency mining is done via JavaScript based browser as it is easy and quick process for hackers. And to make this attack successful, most of the cyber-criminals use Internet Explorer, as most of the users use Google Chrome and Mozilla Firefox, and they do not update their IE browser. So, IE frame turns out to be a perfect option for hackers to attack. They just add a cryptojacking script in the browser, so that when a victim watches a video from the Word document, their CPU gets exhausted in background.
To make their attack 100% successful, they usually use a trick, in which they add a trailer of the video. Unaware! the user is tempted to watch the complete video.
Microsoft Words new feature could also be used to embed phishing pages inside files as well. This ‘Online Video’ feature occurs in other products of the Office 365 suite, including OneNote and PowerPoint.
Also Read: How to Identify And Stay Protected From Rogue Security Software And Scareware
Unlike MS Word, it appears that this ‘Online Video’ feature is held by them in a secure manner.
To sum up, we advise users to be distrustful when they come across a Word document bearing an Online Video, as we don’t know what that video contains. And you should be careful while opening a Word file through email. Also make sure that your Computer is up-to-date with security program and latest update of security patches, specifically Internet Explorer.
Quick Reaction:
Comments are closed.