Experts have discovered a new coronavirus-themed malware that can disguise itself as Microsoft Excel spreadsheets. It then allows hackers to access PCs remotely.
According to Lifehacker's latest report, COVID-19 related malware campaigns and scams show no sign of subsiding as many parts of the United States are preparing to slowly open after being on lockdown for several weeks.
Also Read: Over 80 Colleges to Skip SAT and ACT until 2024; Anti-testing Movement Questions Security of Online Testing
New Coronavirus-Themed Malware Can Disguise As Excel Spreadsheets That Will Allow Hackers Access The PC Remotely
The details of two new massive coronavirus phishing campaigns were disclosed by the Microsoft Security Intelligence Team, stating that hackers were tricking users to download and open malicious Excel files attached to random emails allowing them to access PCs remotely. Lifehacker previously reported that cyber attackers are still at large using different malicious methods to acquire important data.
Also Read: UK Government Splurges on Hundreds of Zoom Accounts Despite Warnings From Security Chiefs
One of these is a fake coronavirus tracker that could infect computers and other devices. Reason Security gave the warning to avoid the coronavirus tracker dashboard since some of the COVID-19 maps could contain serious malware called AZORult. Hackers can extract social media logins and browser histories using the malware.
They can also gain access to the infected devices remotely, attacking cryptocurrency vaults and bank accounts. "Corona Virus Map" Windows software was allegedly accused by Reason Labs of hacking, using the same interface of the Johns Hopkins University's tracker to look more legitimate.
New coronavirus-themed malware can disguise as Excel spreadsheets that will allow hackers to access PC remotely
According to Lifehacker, the malicious Excel spreadsheets were attached to some of the emails sent by Johns Hopkins University, while others offer personal coronavirus testing or similar services. The Excel documents attached to the malicious emails are titled as "WHO COVID-19 REPORT". Codes are embedded in the Excel spreadsheets that sneakily install the remote desktop access tool, NetSupport Manager when the file is opened.
New Coronavirus-Themed Malware Can Disguise As Excel Spreadsheets That Will Allow Hackers Access The PC Remotely
According to the previous post of Microsoft Security Intelligence on Twitter, the massive COVID-19-themed campaign that provides access to the remote access tool NetSupport Manager through emails containing malicious Excel 4.0 macros, is currently being investigated.
We’re tracking a massive campaign that delivers the legitimate remote access tool NetSupport Manager using emails with attachments containing malicious Excel 4.0 macros. The COVID-19 themed campaign started on May 12 and has so far used several hundreds of unique attachments. pic.twitter.com/kwxOA0pfXH — Microsoft Security Intelligence (@MsftSecIntel) May 18, 2020
It was clarified that NetSupport Manager is an official program that can slip past antivirus software and antimalware allowing its users to safely use it in normal circumstances without any trouble.
However, the hackers took advantage of the feature to access files and software in PCs remotely, allowing them to install malicious software in the system. The coronavirus-themed malware is not the first NetSupport Manager-based phishing campaign. This phishing attempt, and others like it, can be easily prevented once the user knows what it looks like.
