The Sri Lanka Computer Emergency Response Team (CERT) has warned against transmission of malware through  Microsoft Office documents amid the COVID-19 crisis. "With COVID-19 crisis, Cybercriminals are busy scamming and delivering malware using the attention-getting virus as a lure." CERT citing a United States Secret Service (USSS) advisory said, "attackers are using two decade old Microsoft Office memory corruption vulnerability (CVE-2017-11882), for which Microsoft released a security patch in November 2017." "An attacker will send a phishing email disguised as coming from a hospital. E-mail contains a malware infected attachment mostly Microsoft office related documents such as excel file, word document, etc. Malware get active when victim opens the mail attachment." "Malware is capable of stealing credentials, open shares on networks and view all files and folders as well as discover and take cryptographic information." There are chances that the attacker could send an email with .EXE file disguised as an PDF file fooling the recipients into believing that they were opening a PDF file containing list of needed supplies.

Impact

✻  Losing control of your windows PC ✻  Stealing credentials & personal information ✻  If the same password is used on other applications or computers in the same network, all of devices can get compromised ✻  Malware infections possible of ransomware viruses

Solution/ Workarounds

✻  Update Microsoft Office package ✻  Update operating system with the latest security patch ✻  Never open email attachments unless you know sender ✻  Refrain clicking unknown links

References

✻  https://www.csoonline.com/article/3536696/us-secret-service-warns-of-malicious-emails-offering-covid-19-information.html