Microsoft has raised the alarm about a dangerous new breed of malware that can steal your account credentials, copy everything you’ve copied to the clipboard on your computer, and spy on you through your webcam. The malware is distributed in shady PDFs attached to emails sent to unsuspecting PC owners.
Trying to open the PDF is enough to start the attack. Double-clicking the bogus file will “download malicious VBScript, which will erase the RAT payload,” Microsoft warns. RAT stands for Remote Access Trojan, a name inspired by the Greek military tactic: malware is hidden inside seemingly safe files as a way to sneak it onto victims’ computers.
According to Microsoft research, attackers are currently spoofing legitimate organizations in the aviation, travel, or freight industries to trick email users into launching the malware-laced PDF.
This type of RAT is designed to steal a wide variety of information: credentials, including usernames and passwords for your online accounts; anything saved on the clipboard (the tool that lets you copy and paste text, pictures, apps, and more across the operating system); and pictures from your webcam. If this stolen data doesn’t directly enable the cybercriminals to make a profit (a password for your online banking is a pretty quick way to make a dollar or two), it can be used to blackmail users into paying.
In a number of recent scams, bad actors have blackmailed users by claiming to have access to stolen images from their webcam. If you don’t pay, the hackers threaten to send the offensive pictures to friends, family and co-workers, whom they know thanks to the stolen access to your social media accounts.
It’s cruel stuff, but unfortunately, these types of cyber attacks are becoming more common.
Worse, you don’t even have to download the troublesome PDF yourself to fall victim to this type of attack. Microsoft warns that it takes only one person in a sprawling multinational falling for this scam for the malware to spread across the company’s IT network. So you could be working at home, blissfully unaware that one of your coworkers fell for the scam, only for hackers to gain access to your webcam.
Some security experts have speculated that a dubious email with a malicious file attached is how hackers managed to extort $4.4 million from the CEO of Colonial Pipeline in the US in exchange for regaining access to the company’s internal IT network. This shows the scale of the attacks that are possible with this type of technique.
Making sure you use a unique, generated password for every online account will keep you well protected. This way, if hackers get access to one of your credentials, they won’t be able to use the same email-password combination to unlock every other account in your name. Never download unsolicited files that you are not sure about. And don’t be afraid to speak to your IT team if you suspect something.
If you’re running Windows 10, Microsoft has added an application called Windows Sandbox. This creates a standalone virtual version of Windows 10 that is kept separate from your files, applications, and data. Launching this app, pasting the file in question onto its blank desktop, and opening it inside Windows Sandbox can be a great way to check a dodgy file.
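A Windows Sandbox configuration file (.wsb) for the check described above, added here as an example and not taken from the original article; the host folder C:\Quarantine is an assumed location for the suspect file. It switches off networking, clipboard sharing, and camera and microphone access, so the things this RAT goes after are not exposed to the sandbox, and it maps the folder read-only.

```xml
<!-- check-attachment.wsb: added example; C:\Quarantine is an assumed path -->
<Configuration>
  <!-- No network: the attachment cannot fetch a second-stage script
       or reach other machines from inside the sandbox -->
  <Networking>Disable</Networking>

  <!-- Do not share the host clipboard with the sandbox -->
  <ClipboardRedirection>Disable</ClipboardRedirection>

  <!-- Keep the host webcam and microphone out of the sandbox -->
  <VideoInput>Disable</VideoInput>
  <AudioInput>Disable</AudioInput>

  <!-- No printer sharing and no GPU sharing: smaller attack surface -->
  <PrinterRedirection>Disable</PrinterRedirection>
  <vGPU>Disable</vGPU>

  <MappedFolders>
    <MappedFolder>
      <!-- Folder on the host holding only the suspect file -->
      <HostFolder>C:\Quarantine</HostFolder>
      <!-- Read-only: nothing in the sandbox can write back to the host -->
      <ReadOnly>true</ReadOnly>
    </MappedFolder>
  </MappedFolders>
</Configuration>
```

Double-clicking the saved .wsb file starts Windows Sandbox with these settings, and the mapped folder appears on the sandbox desktop. Everything inside the sandbox is discarded when its window is closed.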