Table of Contents
Table of ContentsHackers Use Internet Explorer for Cryptocurrency Mining
According to Microsoft, they have around 1.2 billion office users and 60 million Office 365 commercial customers. To maintain its users, they give regular updates and fix the bugs it they have any in MS Office. Recently they have added a new feature in Microsoft Word, which is an online video feature. Using this feature, you can include a remote video in Word document without embedding thus making the document size less. But nowadays hackers are using this feature wrongly as this feature allows hackers to veil cryptojacking script in Microsoft Word documents to secretly bargain Monero from users.
How Can Hackers Secretly Enter Your Computer?
As we have mentioned above, hackers use Microsoft Word documents to distribute cryptocurrency mining scripts to capture user’s Computer for mining Monero. They use Microsoft’s new feature to hijack the CPU of users Computer.
Let’s see how a hijacker can use this new feature of Microsoft.
This new feature permits a user to simply paste the iframe embed code in a Word document to add an Internet video. To insert an HTML code into a document it must be running in the background as MS Word is skilled for phrasing code. As per the Votiro, image should be a type of CT WebVideoPr as it supports embedded HTML code.
<wp15:webVideoPrxmlns:wp15=”http://schemas.microsoft.com/office/word/2012/wordprocessingDrawing” embeddedHtml=”<marquee> What? </marquee>”/>
This frame is an encapsulated iexplore.exe process, attained by using the: ieproxy!CWebBrowserHandler_CreateInstanceWrapper method (of ieproxy!CWebBrowserHandler class).
Above HTML performed only basic process, however it poses several security risks, which we would like to share it with you.
Hackers Use Internet Explorer for Cryptocurrency Mining
To make their attack 100% successful, they usually use a trick, in which they add a trailer of the video. Unaware! the user is tempted to watch the complete video.
Microsoft Words new feature could also be used to embed phishing pages inside files as well. This ‘Online Video’ feature occurs in other products of the Office 365 suite, including OneNote and PowerPoint.
Unlike MS Word, it appears that this ‘Online Video’ feature is held by them in a secure manner.
To sum up, we advise users to be distrustful when they come across a Word document bearing an Online Video, as we don’t know what that video contains. And you should be careful while opening a Word file through email. Also make sure that your Computer is up-to-date with security program and latest update of security patches, specifically Internet Explorer.