Cybercriminals can use many techniques to sneak viruses and all kinds of malware onto your devices, from a simple email with a link to a malicious website to fraudulent applications that they trick you into installing. In this article, we report on how they are using both Dropbox and Google Docs to distribute dangerous malware that can put your devices at risk, and we explain what you can do to protect yourself.
Specifically, it is a Trojan known as Orcinius. It can hide its infection so that it goes unnoticed. It uses these two platforms to keep itself up to date and to distribute the malicious payloads with which hackers could achieve their goal.
Dropbox and Docs to distribute Orcinius
This malware has a hidden VBA macro with the ability to connect to Windows and start monitoring running windows, keystrokes, or registry key usage. Therefore, it could steal the passwords you enter when logging into any platform, among other things.
But how does it infect a system? It seems that the attackers are using an Excel document that simulates a calendar. The document has three sheets and contains a modified VBA macro: they have destroyed the original source code and left the maliciously modified code.
As is often the case with this type of malicious file, the problem begins once the document is opened and the macros are executed. Cybercriminals are using Dropbox and Google Docs to keep the malware updated and to distribute the malicious payloads in a second stage, which is when they start recording keystrokes or viewing all the windows you have open.
How to avoid this trojan
It is important to take measures to avoid falling victim to this Trojan called Orcinius, and to any similar threats that may reach you. If you use cloud platforms such as Dropbox, Google Drive and similar, it is essential that you avoid making mistakes. Do not open unknown links, and do not download or run files that could be a trap. Common sense is going to be your first barrier to protect yourself.
It’s also a good idea to have a good antivirus installed on your computer. If you accidentally download a malicious file, a security program could help you detect that problem and remove it as soon as possible. You’ll be faced with many options, so you should always carefully consider which one you’re going to install. Otherwise, you might end up with a program that doesn’t really improve your protection. You could use VirusTotal to scan files.
On the other hand, keeping your system up to date is another way to avoid security issues. In many cases, hackers will exploit vulnerabilities that may exist. They could use that flaw as a gateway and sneak in malware, steal data, etc. Always make sure that everything is up to date.
In short, be careful with Dropbox and Google Docs, as they can be used to distribute malware. Be especially careful with Word and Excel files, which could contain malicious payloads. Always make sure to use a good antivirus and keep everything up to date.
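Since the Trojan described above arrives as an Excel document carrying a VBA macro, one practical check before opening a downloaded Word or Excel file is whether it contains a VBA project at all. The following is an added example, not code from the original article; the function names and sample files are constructed for illustration, and the legacy-format check is a byte-search heuristic.

```python
import io
import zipfile

OLE_MAGIC = bytes.fromhex("D0CF11E0A1B11AE1")   # legacy .xls/.doc container signature
VBA_ENTRY = "_VBA_PROJECT".encode("utf-16-le")  # OLE directory names are UTF-16LE


def macro_status(data: bytes) -> str:
    """Classify an Office file's raw bytes: 'macros', 'no-macros' or 'unknown'."""
    if data.startswith(OLE_MAGIC):
        # Heuristic: a VBA project shows up as a directory entry with this name.
        return "macros" if VBA_ENTRY in data else "no-macros"
    buf = io.BytesIO(data)
    if zipfile.is_zipfile(buf):
        with zipfile.ZipFile(buf) as zf:
            names = [n.lower() for n in zf.namelist()]
        # OOXML (.xlsx/.xlsm/.docm) stores the whole VBA project in one part.
        has_vba = any(n.endswith("vbaproject.bin") for n in names)
        return "macros" if has_vba else "no-macros"
    return "unknown"


def build_sample(with_macro: bool) -> bytes:
    """Constructed sample: a minimal OOXML-shaped zip, not a real workbook."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("[Content_Types].xml", "<Types/>")
        zf.writestr("xl/workbook.xml", "<workbook/>")
        if with_macro:
            zf.writestr("xl/vbaProject.bin", b"placeholder bytes")
    return buf.getvalue()


if __name__ == "__main__":
    # All inputs below are constructed in memory for the demonstration.
    samples = {
        "calendar.xlsm": build_sample(True),
        "budget.xlsx": build_sample(False),
        "legacy.xls": OLE_MAGIC + b"\x00" * 504 + VBA_ENTRY,
        "notes.txt": b"plain text",
    }
    for name, data in samples.items():
        print(f"{name}: {macro_status(data)}")
```

A "macros" result does not mean the file is malicious, only that it can run code when macros are enabled. A password-protected OOXML file is wrapped in an OLE container, so it can report "no-macros" even when it carries a VBA project.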