Illustrative photo – Building of the National Office for Cyber and Information Security (NÚKIB) in Mučednická Street in Brno on April 30, 2021.
Brno – National Office for Cyber Security ( NÚKIB) warns against the misuse of e-mail attachments of Microsoft's OneNote application. There is a growing number of cases where attackers use these attachments to disguise a malicious file, so-called malware, which allows the attacker to remotely access the attacked computer. NÚKIB informed about it in a press release.
Advertisement'; }
“For a successful exploit, the attacker needs the victim's interaction: after opening the email and the OneNote attachment, a blurred document is displayed with a large 'Double Click To View File' text that visually overlays the malicious files,” the agency said. After the recipient double-clicks on the notification, a warning appears, but most people ignore it and confirm that they want to continue. This confirmation starts the files.
“Cyber security company Proofpoint recorded more than 50 different attack campaigns in January of this year. These campaigns include thousands of emails without specific targets in Europe and North America, which usually they abuse common topics such as taxes, package collection, invoices and the like. The most frequently downloaded malware includes AsyncRAT, Quasar RAT, Redline and Xworm,” added the office.
Microsoft already dealt with attempts to abuse its application last year, now but the attackers have come up with a new type of attack. According to NÚKIB, it is likely that the new method of exploiting OneNote attachments will gradually be adopted by more and more attackers. In order to succeed and control the compromised computer, they need the cooperation of the recipient computer. He can thus defend himself against the attack by being extremely careful when opening any attachments on his devices.
