Another Cyber-Threat Targets MS Office Users

As long as cyber attacks remain profitable, hackers will be in business

We said 2014 was the “Year of the Cyber Attack”, but as you can see from our recent blogging 2015 is already making a serious run for the title.

The latest attack to come to light is hitting users through Microsoft Office, and results in the Dridex banking malware being installed on the affected system.

eWeek’s Sean Michael Kerner dug deeper into how this particular cyber attack works:

The Dridex banking malware is being used in a malicious spam campaign that is generating 15,000 emails a day, according to security firm Trustwave. The attacks, largely against users in the United Kingdom, are leveraging macros in Microsoft Office documents to infect users.

The way the attack works is that a user receives an infected Office document that includes a macro that triggers a download of the Dridex banking malware. Dridex steals user banking information and attempts to generate fraudulent financial transactions.

So far, Trustwave has not yet identified the group behind the new Dridex attack.

Microsoft Office exists on nearly every work PC, and it’s no rare thing to send and receive Word docs on a daily basis for most, making this a particularly tricky attack.

For this type of cyber-attack, as with so many others, the number one crisis prevention tactic is to educate your employees. If they know how to spot emails containing hack attempts before they ever download and open the programs inside, then they can simply trash them and report to the IT department, and you don’t have to deal with infected systems, stolen information, and all of the headaches that follow.

Jonathan & Erik Bernstein