New Trojan Malware through Word

New phishing emails that contain trojan malware are spreading, according to experts. The malware, named Ursnif, is contained in Word documents through emails and allow cyber hackers to steal personal credentials.

Ursnif isn’t the first of its kind, however. It was reported that this particular variant has been around since 2007 and specifically targets Windows OS. Fortinet, a top-rated security platform, recently stated this threat to be highly active.

“When a victim opens the Word document, it displays a security warning message designed to protect MS Word users from malicious macros (VBA code).  However, the document content deceives victims to click the “Enable Content” button, as shown in Figure 1. When the button is clicked, the malicious VBA code is executed because the code is in an AutoOpen sub that is executed at opening the document.”

Source: fortinet.com – Figure 1

It’s highly advised that you do not open any documents through e-mails unless you know exactly who it is from. Be sure to double check the address it was sent from as well. Many times, the name will show up legit, but the email address itself does not match.

Leave a Reply