There is a new malware attack that allows personal data such as passwords, as well as webcam photos, to be taken.
This blog post will highlight the dangers of this new piece of malware and how you can remain alert!
What is the malware and how does it get onto your computer?
It is a new version of malware that is distributed using fake PDFs.
When the PDF is opened, it downloads a malicious script which then downloads the trojan.
It is a RAT, which stands for “Remote Access Trojan”. This means that files that may seem safe actually have malware inside them, so that they can easily be put onto people’s computers without them noticing.
This particular piece of malware is even more threatening because only one person on your network needs to fall for it. If one person clicks on the malicious file, this can give the attackers access to computers and files on the whole network. So even though you may not have clicked on the file, someone else may already have done so without you knowing.
What does the email look like?
Microsoft has a series of tweets that shows an example email here and goes into more technical detail on how the scam actually works.
Microsoft's current research has found that the emails are spoofed to look as if they come from organisations in the travel, aviation, and cargo industries. The names of these legitimate organisations are being used to try to trick users into launching the PDF.
What data can the malware steal?
The malware is designed to steal a multitude of information:
- Login credentials for online accounts
- Anything on your clipboard (anything that you have copied or pasted)
- Images from your webcam
What can happen if this data is taken?
The personal data that is taken directly, such as usernames and passwords, can allow the hackers to log in to any of your online accounts.
The more terrifying aspect of this malware attack is that even if they don’t manage to get all your data, they can use what they do have, along with pictures from your webcam, as a form of blackmail.
How to protect yourself!
- Have a different password for every online account – so that if one account is compromised, this doesn’t affect any others.
- Never download any files you are unsure about – check with an IT team if possible.
- If you are using Windows 10, you can use Windows Sandbox, a virtual version of Windows that is not linked to your computer. You can then open the suspected file there and see if it is legitimate.
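
For the Windows Sandbox tip above, here is a sandbox configuration file as an added example (it is not from Microsoft or from the original post). It assumes the Windows Sandbox feature is already turned on and that the suspected file has been saved to `C:\Quarantine`, a made-up folder name used only for illustration.

```xml
<Configuration>
  <!-- Added example. Save as suspect-file.wsb (hypothetical file name). -->

  <!-- Turn off networking so that nothing opened inside the sandbox can
       download a script or reach other computers on your network. -->
  <Networking>Disable</Networking>

  <!-- Do not share the real graphics card with the sandbox. -->
  <VGpu>Disable</VGpu>

  <MappedFolders>
    <MappedFolder>
      <!-- Assumed host folder holding only the suspected file. -->
      <HostFolder>C:\Quarantine</HostFolder>
      <!-- Read-only: the sandbox can open the file but cannot change
           or add anything in the folder on your real computer. -->
      <ReadOnly>true</ReadOnly>
    </MappedFolder>
  </MappedFolders>
</Configuration>
```

Double-clicking the `.wsb` file starts the sandbox with these settings, and everything inside it is discarded when the window is closed. Because networking is off, a file that only misbehaves after downloading something will look harmless here, so a quiet run does not prove the file is safe.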
Read more about the malware scam here
You can find more detail about the new piece of malware here.