Jan 27, 2023
After Google Docs, hackers turn to Microsoft OneNote to target users with malware
Posted by Shubham Ghosh Roy in categories: cybercrime/malcode, finance
Cyber attackers around the world are looking at alternate file attachment types to trap users with phishing and malware attacks, according to a report by Bleeping Computer. The alternate attachment types come in the form of online, open-source file attachments, and the latest type that has now been spotted includes Microsoft OneNote files. According to the report, hackers are exploiting OneNote attachments in emails to trick users into downloading malware.
The report stated that hackers switched to OneNote, Microsoft’s online note-taking alternative to Word, after the company disabled ‘macros’ by default in email attachments. The latter, which refer to code snippets that execute a command upon a user opening the email attachment, were long since used by attackers to get users to download malware attachments.
By using macros, hackers would store malware within Microsoft Word or Excel documents. Once a user opened the attachment, the malware would get triggered automatically. These malware, in turn, could be used for a wide range of attacks — including remote code execution, botnets, financial or identity theft, or even spyware.