The Latest in IT Security

Locky updated to exploit Office DDE feature and spread ransomware

23
Oct
2017
Locky updated to exploit Office DDE feature and spread ransomware

33474784455_928ca3f565_b-990x556

A legitimate feature in Microsoft Office that allows Word to load data from other documents is being exploited to push a new variant of the Locky ransomware. Victims are reportedly targeted with malspam messages via the infamous Necurs botnet.

Under the subject line “Emailed Invoice” followed by a string of random numbers, the malspam attack leverages Microsoft Dynamic Data Exchange (DDE). Distributed with the aid of the Necurs botnet, the exploit makes Microsoft Word display dialog messages that some users might dismiss reflexively, even though the dialogs contain security warnings.

Read More

Leave a reply


Categories

SATURDAY, NOVEMBER 18, 2017

Featured

Archives

Latest Comments

Social Networks