Cyber security news for all


    Trojan Ursnif hides itself in a Word file

    Experts are currently warning of a wave of Trojan attacks using the Ursnif malware. The Trojan is distributed through a zip archive attached to an email. The message can also come from a known sender. The zip archive is password-protected, so antivirus programs cannot check its contents for malware. The password for the zip archive is in the mail text.

    The Ursnif Trojan hides in a Word file inside the zip archive. The document asks anyone who opens it to activate macros. Only then can the malware infect the computer. Such macros only work with Microsoft Office. Anyone who uses another program such as Open Office should not catch the Trojan.

    Ursnif is a banking Trojan that records various sensitive information, including usernames, passwords and personal data from web forms on the infected computer. As a keylogger, it can intercept keyboard input, and it can also take screenshots. The program can load and start other software, including additional malware, on the infected computer. The malware sends all captured data to a command and control server.


    Antivirus Programs Cannot Warn You

    The archive is password-protected, so antivirus programs cannot scan it and alert the user. The password needed to open the archive is included in the mail. If you then open the Word file, which is often disguised as an invoice, and activate the macro function as the document instructs, the malware is installed on your computer. For security reasons, macros have long been deactivated in Word by default. However, they can be switched on with just a few clicks, which attackers exploit.

    To avoid infection, you should generally be critical of links and email attachments, especially if a message arrives unsolicited. If the mail comes from a known sender, you should ask them by phone or in person whether they actually sent it.
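As an added illustration (not part of the original article): a mail-gateway style check in Python that flags zip attachments whose entries are marked encrypted and therefore cannot be scanned, and reports whether the inner file name looks like a macro-capable Office document and whether the mail text mentions a password. The sample mail, the file names and the helpers `build_sample_mail` and `inspect_mail` are constructed for this example.

```python
import io
import re
import zipfile
from email import message_from_bytes
from email.message import EmailMessage

MACRO_CAPABLE = (".doc", ".docm", ".dot", ".dotm", ".xls", ".xlsm")

def build_sample_mail() -> bytes:
    """Constructed sample mail: zip attachment marked encrypted, password in the text."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("invoice.doc", b"placeholder bytes, not a real document")
    raw = bytearray(buf.getvalue())
    # zipfile cannot write encrypted archives, so set flag bit 0 ("encrypted") by
    # hand: byte offset 6 in the local header, 8 in the central directory header.
    for signature, offset in ((b"PK\x03\x04", 6), (b"PK\x01\x02", 8)):
        raw[raw.find(signature) + offset] |= 0x01
    msg = EmailMessage()
    msg["Subject"] = "Invoice"
    msg.set_content("Please find the invoice attached. Password: 1234")
    msg.add_attachment(bytes(raw), maintype="application", subtype="zip",
                       filename="invoice.zip")
    return msg.as_bytes()

def inspect_mail(raw_mail: bytes) -> list:
    """Return one finding per encrypted zip entry that a scanner could not open."""
    msg = message_from_bytes(raw_mail)
    findings, body = [], ""
    for part in msg.walk():
        if part.get_content_type() == "text/plain" and not part.get_filename():
            body += part.get_payload(decode=True).decode("utf-8", "replace")
    password_in_text = bool(re.search(r"\bpassword\b", body, re.IGNORECASE))
    for part in msg.walk():
        if not (part.get_filename() or "").lower().endswith(".zip"):
            continue
        try:
            archive = zipfile.ZipFile(io.BytesIO(part.get_payload(decode=True)))
        except zipfile.BadZipFile:
            continue
        for info in archive.infolist():
            if info.flag_bits & 0x1:  # content encrypted, entry name still readable
                findings.append({"attachment": part.get_filename(), "entry": info.filename,
                    "macro_capable": info.filename.lower().endswith(MACRO_CAPABLE),
                    "password_in_text": password_in_text})
    return findings

if __name__ == "__main__":
    for finding in inspect_mail(build_sample_mail()):
        print(finding)
```

Ordinary zip encryption protects file contents but leaves the entry names in the archive directory readable, which is why the check can still report the inner file type.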
