Hackers have many methods to be able to steal from victims. Sometimes they use more sophisticated strategies, but other times really simple things. In this article we are going to talk about a threat that is based on a Word file. Through these types of files they manage to load malicious code and swindle the victim. It is important to take action and not fall into the trap.
Word file to strain SVCReady malware
Specifically, it is the SVCReady malware that sneaks in through a Word file. Through the properties of this type of document, it manages to execute malicious VBA macros. It arrives via an email attachment, so once again email is once again a widely used entry route for attackers.
A group of HP security researchers has detected that this threat has been active for several months. However, it has received several updates and that suggests that it is still in an early stage of development. It is a major security issue, which can affect many users.
We can say that everything starts with an email we receive. That email contains a malicious Word file. Through a traditional Phishing attack, they seek to make the victim click and open that document. However, there is a difference compared to other similar threats, and that is that this time it executes malicious payloads through VBA and not through PowerShell or MSHTA, which is usual.
They use the strategy of splitting the macros of the malicious Shell code in order to bypass security measures. From there, once it is executed, it will infect the system, it will start querying the Windows Registry and sending the collected information to a server controlled by the attackers.
This malware has many functions once it has infected the victim. It is capable of downloading a file, taking screenshots, executing commands, gathering system information, viewing USB-connected devices, etc. All this will put security and privacy at risk.
What to do to avoid this problem
What can we do to avoid being victims of this attack that uses a Word file? The truth is that protecting ourselves is simple. The attacker is going to need us to click and open that document that comes to us by e-mail. Therefore, the main thing is common sense and not to make mistakes. You should never open a document if you don’t really know who the source is and you’re not sure it’s legitimate. You can always see if a Word is reliable.
In addition, it is also important to have updated security programs. A good antivirus can help detect such threats and remove them before they can run and compromise your security. There are many options available, both free and paid, but you should always choose which one to use correctly.
Another important point is that you should always update the system. Many threats like this can exploit vulnerabilities on your computer. Having the latest versions, having everything up to date, will correct these errors and hackers will not find an open door to attack.
