Hackers are frequently exploring newer methods to gain access to over a user’s device. It is relatively a common practice for hackers to infuse cryptocurrency mining programs through YouTube videos and advertisements, They, have also found a loophole in Microsoft Words ‘online video’ feature.
This matter of Cryptocurrency mining with JavaScript loaded through a browser has now become a cause for stellar concern especially regarding users who are not so tech-savvy.
Ways by which MICROSOFT WORD IS being ABUSED BY HACKERS?
If required to add a small video Microsoft Word provides this feature of inserting with no code embedding required. This feature is provided in an attempt to keep the document size relatively small. Hackers have found a way to abuse this feature to their advantage. Israel-based cybersecurity firm Votiro further explained how it is misused, when a user attaches an online video, a webVideoPr element of type CT WebVideoPr, which supports embedded HTML code is loaded in the document. As security checks are very lenient much emphasis isn’t given to this loaded HTML code which poses massive security risks.
If the cryptocurrency mining video link is on YouTube and browser, the user has to keep the corresponding video frame open for the JavaScript to do its dirty work. Hackers have majorly focussed all their attention on Internet Explorer users as it not frequently updated in comparison to Chrome or Firefox for hijacking the CPU of a user for cryptocurrency mining and best bitcoin wallet.
Once hackers have taken command of your devices and through games like best clash royale deck, it is now time they raise the bar and perform the next step. They send a word document with a malicious code that is delivered through spam. The key element that persuades the users to click on the video is the topic headline. It is so catchy that the user cannot resist and clicks on it disabling the ‘protected view’ Once this is done the user isn’t aware that, the IE frame would redirect them to the exploit-kit (a malicious toolkit used to exploit security holes found in software applications with the intention of spreading malware). If the exploit is successful, a malware program gets downloaded to the victim’s computer and executed gate, which would survey and further corrupt the device, if conditions are suitable for exploitation.
The program can also be installed on an updated Windows 10 device because the process defeats Windows Defender Exploit Guard as the exploitation is done as a separate process. The ‘online video’ feature also available in PowerPoint, But PowerPoint doesn’t permit injection of HTML code.