posted by martyb on Monday June 12 2017, @07:09PM
from the CxOs-never-look-at-powerpoint-files dept.

Criminal hackers have started using a novel malware attack that infects people when their mouse hovers over a link embedded in a malicious PowerPoint file.

The method—which was used in a recent spam campaign that attempted to install a bank-fraud backdoor alternately known as Zusy, OTLARD, and Gootkit—is notable because it didn't rely on macros, Visual Basic scripts, or JavaScript to deliver its payload. Those methods are so widely used that many people are able to recognize them before falling victim.

Instead, the delivery technique made use of the Windows PowerShell tool, which was invoked when targets hovered over a booby-trapped hyperlink embedded in the attached PowerPoint document. Targets using newer versions of Microsoft Office would by default first receive a warning, but those dialogues can be muted when users are tricked into turning off Protected View, a mode that doesn't work when documents are being printed or edited. Targets using older versions of Office that don't offer Protected View are even more vulnerable.

"While features like macros, [object linking and embedding], and mouse hovers do have their good and legitimate uses, this technique is potent in the wrong hands," researchers from antivirus provider Trend Micro wrote in a blog post published Friday morning. "A socially engineered e-mail and mouse hover—and possibly a click if the latter is disabled—are all it would take to infect the victim."

Source: ArsTechnica

See also a report at Dodge This Security.


  • (Score: 3, Informative) by Grishnakh on Monday June 12 2017, @07:56PM (15 children)

    by Grishnakh (2831) on Monday June 12 2017, @07:56PM (#524620)

    It's been successful in that lots of businesses are locked into it at this point, but I imagine many of them are wishing they weren't.

    Well if they get infected or ransomwared or whatever and it puts them out of business, they got what they deserved. They should have made better choices.

  • (Score: 0) by Anonymous Coward on Monday June 12 2017, @08:08PM (4 children)

    by Anonymous Coward on Monday June 12 2017, @08:08PM (#524626)

    I know right? They should use Linux and TuxWriter.

    • (Score: 2) by DannyB on Monday June 12 2017, @08:11PM (2 children)

      by DannyB (5839) Subscriber Badge on Monday June 12 2017, @08:11PM (#524628) Journal

      MS-DOS and Edlin, you suggester of non-Microsoft-anointed technologies.

      --
      The lower I set my standards the more accomplishments I have.
      • (Score: 2) by bob_super on Monday June 12 2017, @10:11PM (1 child)

        by bob_super (1357) on Monday June 12 2017, @10:11PM (#524685)

        Or just use Office 2003 on airgapped PCs. Good usability, total safety.

        What? There's a virus on Jim's PC? Sorry Jim, you're the only one with the key to your PC's cabinet, and we talked about sanitizing all USB drives in the training...

        • (Score: 2) by jcross on Monday June 12 2017, @11:37PM

          by jcross (4009) on Monday June 12 2017, @11:37PM (#524713)

          It's hard to imagine the point of an office suite if you can't share the documents. I mean I guess all sharing could be done by printing, but that sucks for any kind of joint editing.

    • (Score: 2) by jimtheowl on Monday June 12 2017, @10:04PM

      by jimtheowl (5929) on Monday June 12 2017, @10:04PM (#524683)

      LibreOffice on any OS would be a better choice than PowerPoint, but some use the latter only because it was indoctrinated by their schools.
  • (Score: 4, Insightful) by DannyB on Monday June 12 2017, @08:08PM (9 children)

    by DannyB (5839) Subscriber Badge on Monday June 12 2017, @08:08PM (#524627) Journal

    In about 1981 someone explained to me what it meant that "nobody ever got fired for buying IBM".

    Background: a manager working on a project, buys IBM, and project fails.

    What management says: I bought IBM, the best there is, so it shouldn't have failed. I guess this is just not possible to do.

    (in an alternate universe, an explanation could be, you bought the "best" there is, it failed, and therefore you own the failure?)

    Fast forward* to the 1990's: Nobody ever got fired for buying Microsoft.

    ( * unless you're using 8-track which has no fast forward, or some idiot 'invented' a poorly implemented FF)

    Since Microsoft is a guarantee of success, everyone buys Microsoft.

    Before the year 2000 it was obvious Microsoft was a security nightmare. The I Love You virus. The Code Red spreading across IIS servers like a forest fire. Directory traversal bugs in IIS -- mitigated by not allowing the dot-dot patterns in URLs. New directory traversal attacks by using character escaping. Fixed by not allowing dot-dot character escapes in URLs. New directory traversal attack by using double escaping of dot-dot characters, and taking advantage of the fact that the Windows filesystem would also do character escaping, and IIS after the first set of character escapes would not see any dot-dot patterns. IIS having buffer overflow attack if URL exceeds 8000 characters. SMB remote execution attacks. Many other attacks based on Windows being written in C / C++.

    Fast forward* to today.

    So yes, everyone who bought this crap absolutely deserves what they are getting today.

    --
    The lower I set my standards the more accomplishments I have.
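The IIS sequence in the comment above (reject "..", then reject the escaped form, then get bypassed by double escaping) is the classic mistake of blacklisting a pattern before the input has been decoded. As an added illustration that is not part of DannyB's comment, the Python below puts the naive check beside a resolver that first percent-decodes to a fixed point, then normalizes the path against the document root and tests containment. WEB_ROOT and the function names are assumptions made for this example; the request paths are constructed inputs.

```python
import posixpath
from urllib.parse import unquote

WEB_ROOT = "/var/www/site"  # assumed document root for this example


def naive_rejects(raw_path):
    """The kind of check described in the comment: look for a literal '..'
    in the request path as received. Any encoded form slips past it."""
    return ".." in raw_path


def fully_decode(raw_path, max_rounds=5):
    """Percent-decode until the string stops changing, so a double-encoded
    '%252e%252e' collapses to '..' before any decision is made on it."""
    path = raw_path
    for _ in range(max_rounds):
        decoded = unquote(path)
        if decoded == path:
            return path
        path = decoded
    raise ValueError("path still changing after %d decode rounds" % max_rounds)


def resolve_under_root(raw_path, root=WEB_ROOT):
    """Canonicalize first, decide second.

    Decodes the request, treats backslashes as separators (a Windows
    filesystem would), joins it to the root, normalizes '..' and '.', and
    returns the absolute path only if it still lies inside the root;
    otherwise returns None.
    """
    decoded = fully_decode(raw_path).replace("\\", "/")
    candidate = posixpath.normpath(posixpath.join(root, decoded.lstrip("/")))
    if candidate != root and not candidate.startswith(root + "/"):
        return None
    return candidate


if __name__ == "__main__":
    # Constructed request paths: one legitimate, three traversal variants.
    for req in ("images/logo.png",
                "../../etc/passwd",
                "%2e%2e/%2e%2e/etc/passwd",
                "%252e%252e/%252e%252e/etc/passwd"):
        print(f"{req!r:40} naive_rejects={naive_rejects(req)!s:5} "
              f"resolved={resolve_under_root(req)}")
```

The takeaway is the ordering: the naive filter answers the wrong question (does the raw text contain a pattern?) while the resolver answers the right one (where does this request actually end up once every layer has decoded it?).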
    • (Score: 2) by kaszz on Monday June 12 2017, @08:46PM (8 children)

      by kaszz (4211) on Monday June 12 2017, @08:46PM (#524641) Journal

      "nobody ever got fired for buying IBM" + managers and executive-style people, is deep at the root as to why we have these bullshit problems. And then it went on to Microsoft because evil free OS and programs don't have an official support line or will bend to every detrimental need of every customer that didn't think through the overall situation. And of course free must be bad because you haven't paid for it.

      Thankfully there is now a possibility to apply strong Darwin to the problem ;-)

      • (Score: 2) by DannyB on Tuesday June 13 2017, @03:39PM (7 children)

        by DannyB (5839) Subscriber Badge on Tuesday June 13 2017, @03:39PM (#524959) Journal

        If we're just talking about open source, I would point out that open source has already won. Microsoft's best days are behind it. Now it is a game where the glory days of monopoly are over and they have to fight for every inch -- like a real business. In order to stay relevant Microsoft is having to embrace open source because it is where the developers developers developers are at.

        The Microsoft monopoly days are a blip in the history of technology and the software industry.

        Open source is like the ocean tide. You can't stop it with your hands. You may be able to block some portion of the beach, such as desktop PCs, but everything else experiences the tide. Every single computer, microprocessor, microcontroller, or embedded computer application is now run by open source. ARM processors are sold by the billions while Intel chips are sold by the hundreds of millions. What OS runs on ARM chips -- not Windows, in any significant number.

        --
        The lower I set my standards the more accomplishments I have.
        • (Score: 2) by kaszz on Tuesday June 13 2017, @04:18PM (2 children)

          by kaszz (4211) on Tuesday June 13 2017, @04:18PM (#524981) Journal

          It's not per CPU that matters here. But per person experience. Many people interact with work and the internet etc using Microsoft. And we still have this UEFI, DRM, TPM, Intel AMT, NVidia etc.. all sidelining open software.

          • (Score: 2) by DannyB on Tuesday June 13 2017, @04:29PM (1 child)

            by DannyB (5839) Subscriber Badge on Tuesday June 13 2017, @04:29PM (#524987) Journal

            IIRC, Microsoft's browsers are no longer the majority. Or if majority, only a slim majority.

            Another example of open source winning was that all of the open source browsers participated in web standardization while Microsoft actively worked against web standards in order to "microsoftize" the web. That failed.

            It failed so badly that Microsoft just abandoned the IE codebase and built Edge for standards compliance. That is a great example of open source winning.

            Many people may interact with the web using Edge, but it's at least standards compliant -- which Microsoft doesn't drive.

            --
            The lower I set my standards the more accomplishments I have.
            • (Score: 2) by kaszz on Wednesday June 14 2017, @12:53AM

              by kaszz (4211) on Wednesday June 14 2017, @12:53AM (#525184) Journal

              I came to think of another aspect when you mentioned majority. It may be that majority is not the lone factor that is of importance but also how intelligent and knowledgeable the people using specific tools are. Those people will want to have those tools working.

        • (Score: 2) by Grishnakh on Wednesday June 14 2017, @03:18PM (3 children)

          by Grishnakh (2831) on Wednesday June 14 2017, @03:18PM (#525470)

          Every single computer, microprocessor, microcontroller, or embedded computer application is now run by open source

          Where'd you get this idea?

          Most business PCs still run Windows. Windows is not open-source in the slightest. There's no signs of this changing: Windows 10 with its horrid UI is here, and businesses are steadily converting.

          PCs that don't run Windows are generally running Mac OS X. It's not open-source either. Sure, some bits of it are, but it's not like the user can actually modify anything on their Macbook, so having a sorta-open-source kernel really doesn't mean much in practical terms. All the important user-facing stuff is locked up.

          Very few people except enthusiasts run Linux on their PCs. Worse, in the last decade I've seen a lot of Linux users convert to Mac, and at best run Linux within a VM for only particular tasks.

          Almost all phones run either iOS or Android. iOS is as closed-source as you can get I think. Android uses the Linux kernel, but with tons of proprietary closed-source drivers. It's a total mess (because of the closed-source drivers); it's hard to modify it or make alternative ROMs because of this issue. Parts of the rest of the OS are open-source (AOSP), but other parts are not, so building your own AOSP ROMset, if you can get past the driver issue (which basically means being stuck on a particular kernel version) means you're missing a lot of functionality that other Android users take for granted. Worse still, Google is working on eliminating the use of the Linux kernel, and changing to some other in-house kernel.

          I'm sorry, but you seem completely deluded. As much as I'd like to see a bright open-source future coming soon, I don't. I see a future full of proprietary OSes and walled gardens. Before long, you won't even be able to install any software on your computer (PC or mobile device) without getting it from the vendor's app store. Windows is headed that way quickly. The sad fact is that most people just don't care about freedom, only convenience, and due to the necessity of standards and interoperability, you'll shut yourself out of society and employment if you don't follow the crowd to a certain extent.

          • (Score: 2) by DannyB on Wednesday June 14 2017, @06:26PM (2 children)

            by DannyB (5839) Subscriber Badge on Wednesday June 14 2017, @06:26PM (#525576) Journal

            Dang! I meant to qualify that to exclude desktop PCs. Everything else is largely open source.

            --
            The lower I set my standards the more accomplishments I have.
            • (Score: 2) by Grishnakh on Wednesday June 14 2017, @06:32PM (1 child)

              by Grishnakh (2831) on Wednesday June 14 2017, @06:32PM (#525583)

              You didn't read my post, did you? I specifically noted both PCs and mobile devices. Hint: iOS is not open-source.

              • (Score: 2) by DannyB on Wednesday June 14 2017, @07:06PM

                by DannyB (5839) Subscriber Badge on Wednesday June 14 2017, @07:06PM (#525605) Journal

                You're right. I skimmed. I didn't consider iOS. But it is NOT a majority. Android has about 4/5 of the smartphones, and rising. So my statement about the majority of non-desktop devices running open source would still seem to apply.

                --
                The lower I set my standards the more accomplishments I have.