Cybersecurity is increasingly becoming a challenge across the world. There are thousands of cases being reported almost every day about cyber-attack-related issues. The most recent one is the Evil Corp malware.
In the recent past, Evil Corp has devised new tactics for phishing victims using Microsoft Excel. Evil Corp, also called SectorJ04 and TA505, is a cyber-criminal group that targets financial institutions and individuals. It operates by hitting victims with huge malicious spam campaigns sent through the Necurs botnet.
However, the group has gone a notch higher in a bid to scam as many people as possible. Their latest technique is sending attachments associated with HTML redirectors together with malicious Excel documents. This latest technique makes it possible for them to distribute remote access Trojans (RATs) and malware downloaders.
How is the victim affected?
Many companies specialising in Microsoft Office software have recently been made aware of the threat of the Evil Corp malware. Working with customers across the US, the Excel Experts have outlined the following issues with the malware.
Once a person opens the HTML attachment, the Excel file is automatically downloaded. Upon opening the Excel sheet, a warning will appear on the toolbar that reads “SECURITY WARNING: Macros has been detected” with an option to enable content/editing.
As soon as the victim enables editing, as the document instructs, the malware is unleashed on their system. At the end of the day, the device that downloaded the malware is left with an IP traceback service that tracks the device.
One of the reasons most people have fallen victim to the Evil Corp malware is the simplicity of the lure. A downloaded Excel document is the last place most people expect to pick up malware. This is why scammers have taken advantage of the situation and infected millions of computers across the world with Evil Corp.
For more info on Excel-related malware, see their latest blog: How Microsoft Excel is being used to spread malware.
How to mitigate against the Evil Corp malware
Microsoft has stepped up its fight against malware threats. The company has in the recent past detected and stopped several hacking attempts. The most recent was the discovery of an advanced persistent threat (APT) group that was operating from North Korea. Microsoft responded with a strong legal counterpunch that brought an end to the scammers' operations.
As far as Evil Corp is concerned, Microsoft users are advised not to click the “enable editing” option on Excel files they didn’t ask for in the first place. Microsoft, through its intelligence unit, has also confirmed that it will stop the Evil Corp threat. Microsoft ATP detects and blocks the Evil Corp malware before it infects your device.
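A mail-side check for the delivery chain described above (an HTML attachment that redirects to an Excel download), added here as an illustration; it is not code from Microsoft or from the original article. The sample message, the extension list and the function names are constructed assumptions.

```python
import re
from email import message_from_string

EXCEL_EXT = (".xls", ".xlsx", ".xlsm", ".xlsb")  # assumed workbook extensions
META_TAG = re.compile(r"<meta\b[^>]*>", re.I)
REFRESH = re.compile(r"http-equiv\s*=\s*[\"']?refresh", re.I)
URL_ATTR = re.compile(r"url\s*=\s*[\"']?([^\"'>\s;]+)", re.I)
JS_NAV = re.compile(
    r"location(?:\.href\s*=|\s*=|\.(?:replace|assign)\s*\()\s*[\"']([^\"']+)", re.I)

# Constructed sample message (not taken from any real campaign).
SAMPLE = """\
From: billing@example.test
To: user@example.test
Subject: Invoice
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain

See attached.
--b1
Content-Type: text/html
Content-Disposition: attachment; filename="invoice.html"

<html><head><meta http-equiv="refresh" content="0; url=https://files.example.test/invoice.xls"></head></html>
--b1--
"""

def redirect_targets(html):
    """Return URLs the page navigates to via meta refresh or script."""
    targets = []
    for tag in META_TAG.findall(html):
        match = URL_ATTR.search(tag) if REFRESH.search(tag) else None
        if match:
            targets.append(match.group(1))
    return targets + JS_NAV.findall(html)

def flag_html_attachments(raw_message):
    """List (filename, url) for HTML attachments that redirect to a workbook."""
    findings = []
    for part in message_from_string(raw_message).walk():
        name = part.get_filename() or ""
        is_html = (part.get_content_type() == "text/html"
                   or name.lower().endswith((".html", ".htm")))
        if not is_html or part.get_content_disposition() != "attachment":
            continue
        html = part.get_payload(decode=True).decode("utf-8", errors="replace")
        for url in redirect_targets(html):
            # Ignore query string and fragment when checking the extension.
            if url.split("?", 1)[0].split("#", 1)[0].lower().endswith(EXCEL_EXT):
                findings.append((name, url))
    return findings
```

A hit is a reason to quarantine the message for review, not proof of infection; legitimate mail rarely ships an HTML attachment whose only job is to pull down a spreadsheet.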