Security researchers have warned Windows 10 users that a new set of hackers
are now targeting newly updated computers. As Windows 10 users keep adding new
functionality and features, hackers are continuously seeking new ways to exploit
these users and launch an attack on their system.
Even when users have constantly updated their operating systems, new research has discovered that some hackers may still find ways to exploit these updated systems. The recent TrickBot malware attack is a perfect example of the continuous threat to systems even when they are fully updated.
In this case, the TrickBot malware campaign was used to
infiltrate the updated systems of some Windows 10 users. Sadly, some security
researchers have pointed out that the sanitization of the Microsoft macro
threat may not be possible anytime soon, going by the current situation of
The malicious “macro virus” has been in existence for more
than 2 decades. The malicious threat, which often attacks Word documents,
became very famous years later.
It got to the extent that Microsoft decided to take a
proactive approach by disabling macros by default in 2000.
However, the proactive measure did not completely quell the
attack or stop the threat, as Google revealed that such malicious documents
were seen in about 58 percent of the malware that affects Gmail users.
Researchers are now warning Windows users of a new malware campaign
that targets the desktop ActiveX control function in Word documents. The banking
Trojan referred to as TrickBot is now being used to target Windows 10 users for
Bitcoin theft and credential harvesting.
Earlier this year, security researchers revealed that the
TrickBot malware enterprise was gaining access to the Windows system through
the backdoor, which makes it difficult to detect. The researchers also said
that the TrickBot malware has already infiltrated about 250 million emails
before it was discovered.
To evade detection, the malware has evolved over the past few months,
and it has continued to evolve since then.
According to the security researchers at Morphisec Lab, TrickBot
has updated its delivery and attack method, with Windows 10 users squarely in
the crosshairs.
The researchers also pointed out that the actors of the
TrickBot attack are taking advantage of the threat window that opens operating
systems like Windows 10. A researcher at Morphisec, Michael Gorelik, said that
the actors are using the ActiveX control protocol to execute malicious attacks
on Windows 10 and are seriously evading detection from Windows 10 security
According to him, “The attackers utilize the ActiveX
control for automatic execution of the malicious macro following an enable of
the document content.”
The attackers have made sure the malicious software stays under the radar as it exploits Microsoft Word documents in Windows 10. The affected document in the malware attack contains an image that seems to show an encrypted document, which keeps the ActiveX control under the radar. Once the user is deceived into enabling the content, it automatically launches the attack on the user’s Word documents.
The researchers also said the attackers concealed the “OSTAP”
downloader and kept it invisible to the human eye, making it more difficult for
the user to detect any malicious activity.
The worst part is the fact that computers will see this malicious
downloader element but interpret it as genuine.
This arrangement by the hackers is primarily intended to
attack Windows 10 users who have done the most recent updates.
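
A defender-side triage check for the delivery described above, as an added example that is not from the article or from Morphisec: it flags Word OOXML files that carry both a VBA macro project and an embedded ActiveX control. The part names (`vbaProject.bin`, the `activeX/` folder) follow the usual OOXML package layout; the verdict labels and the sample files are constructed for illustration.

```python
import io
import zipfile

# Parts of an OOXML (.docx/.docm) package that carry active content.
VBA_SUFFIX = "vbaproject.bin"   # compiled macro project
ACTIVEX_DIR = "/activex/"       # embedded ActiveX control parts


def triage_ooxml(data: bytes) -> dict:
    """Report which active-content parts a Word OOXML file carries."""
    result = {"ooxml": False, "macros": False, "activex": [], "verdict": "clean"}
    if not zipfile.is_zipfile(io.BytesIO(data)):
        result["verdict"] = "not-ooxml"  # e.g. legacy .doc (OLE2): needs another parser
        return result
    with zipfile.ZipFile(io.BytesIO(data)) as pkg:
        names = pkg.namelist()
    result["ooxml"] = "[Content_Types].xml" in names
    for name in names:
        lowered = "/" + name.lower()
        if lowered.endswith(VBA_SUFFIX):
            result["macros"] = True
        elif ACTIVEX_DIR in lowered and lowered.endswith((".xml", ".bin")):
            result["activex"].append(name)
    if result["macros"] and result["activex"]:
        result["verdict"] = "quarantine"  # macro plus ActiveX control, as described above
    elif result["macros"] or result["activex"]:
        result["verdict"] = "review"
    return result


def build_sample(parts: dict) -> bytes:
    """Build a constructed, inert OOXML-shaped zip for demonstration."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("[Content_Types].xml", "<Types/>")
        z.writestr("word/document.xml", "<w:document/>")
        for name, body in parts.items():
            z.writestr(name, body)
    return buf.getvalue()


if __name__ == "__main__":
    lure = build_sample({"word/vbaProject.bin": b"\x00",
                         "word/activeX/activeX1.xml": "<ax:ocx/>"})
    print(triage_ooxml(lure))
    print(triage_ooxml(build_sample({})))
```

A mail gateway or file-share scanner could call `triage_ooxml` on each attachment and hold anything that returns `quarantine` before a user can open it and enable content.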
With this latest information, it seems regularly updating
the system with the most recent software updates is no longer enough to keep
hackers at bay as they are now trying new methods to infiltrate recently
updated systems.
In line with this development, researchers have warned users to be extremely careful with their activities online. Even if hackers succeed in infiltrating an updated system, they wouldn’t find anything substantial if users do not keep such data on their system.
Users should be careful with the type of information they keep on their system and what they exchange online. The researchers also added that users should still ensure they carry out regular updates on their system since such updates will drastically reduce the possibility of attacks.
