Red Security
News Hackers Hijack Windows 10 RDP ActiveX Control To Download TrickBot Malware - Printable Version




Hackers Hijack Windows 10 RDP ActiveX Control To Download TrickBot Malware - Mr.Kurd - 03-01-2020

In The Name OF Allah
Al-Salam Alekum


Windows RDP under punishment xD Hackers start sending emails which contain a Word file...

Quote: The hackers are using the remote desktop ActiveX control in Word documents to carry out their malicious deeds. Once initiated on a Windows 10 PC, the ActiveX control automatically executes a malware downloader called Ostap, which was recently adopted by TrickBot for delivering payloads. And it all starts with phishing.


Malicious actors send out emails masquerading as notifications of a missing payment. The emails direct victims to view a fake invoice attachment, which in actuality is a booby-trapped Word document.

"The downloader is delivered as a Microsoft Word 2007 macro-enabled document (.DOCM) that contains the two components of the downloader: a VBA macro and the JScript. The emails and samples analyzed were themed as purchase orders, suggesting that the campaigns were likely intended to target businesses rather than individuals," researchers at Bromium explain.


The Source
Wa Salam Alekum
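
For mail-gateway or inbox triage of the attachment type described in the quote (a .DOCM carrying a VBA macro together with an embedded ActiveX control), here is an added example that is not part of the original post or of Bromium's analysis. It assumes the standard OOXML part names (`vbaProject.bin`, an `activeX/` folder); the sample document and its all-zero class ID are constructed placeholders, not indicators from the campaign.

```python
import io
import re
import zipfile

# ActiveX parts declare their COM class as ax:classid="{GUID}".
CLASSID_RE = re.compile(rb'classid="(\{[0-9A-Fa-f-]{36}\})"')
MAX_PART_BYTES = 65536  # never inflate more than this from an untrusted archive


def triage_ooxml(data: bytes) -> dict:
    """List macro and ActiveX parts inside an OOXML (.docx/.docm) attachment."""
    found = {"is_ooxml": False, "has_vba": False, "activex_parts": [], "classids": []}
    if not zipfile.is_zipfile(io.BytesIO(data)):
        return found  # legacy binary format or not a document: handle elsewhere
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        names = zf.namelist()
        found["is_ooxml"] = "[Content_Types].xml" in names
        for name in names:
            lower = name.lower()
            if lower.endswith("vbaproject.bin"):
                found["has_vba"] = True
            elif "/activex/" in lower and lower.endswith(".xml"):
                found["activex_parts"].append(name)
                with zf.open(name) as part:
                    xml = part.read(MAX_PART_BYTES)
                found["classids"] += [m.decode() for m in CLASSID_RE.findall(xml)]
    return found


def needs_review(found: dict) -> bool:
    """Flag the combination from the report: macro code plus an ActiveX control."""
    return found["has_vba"] and bool(found["activex_parts"])


def build_sample(with_macro: bool, with_activex: bool) -> bytes:
    """Constructed stand-in for an attachment; contains no real macro or control."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("[Content_Types].xml", "<Types/>")
        zf.writestr("word/document.xml", "<w:document/>")
        if with_macro:
            zf.writestr("word/vbaProject.bin", b"constructed placeholder")
        if with_activex:
            zf.writestr("word/activeX/activeX1.xml",
                        '<ax:ocx ax:classid="{00000000-0000-0000-0000-000000000000}"/>')
    return buf.getvalue()


if __name__ == "__main__":
    print(triage_ooxml(build_sample(with_macro=True, with_activex=True)))
```

The extracted class IDs can then be compared against whatever allow list of ActiveX controls the organisation actually expects to see in documents.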