CyberNews Briefs

Microsoft warns of ‘massive’ phishing attack pushing legit RAT

Microsoft’s Security Intelligence team has recently warned users of a phishing campaign with a COVID-19 theme that installs NetSupport Manager remote, an administration tool. The campaign is spreading the tool through various malicious Excel attachments on emails pretending to be from the Johns Hopkins Center, providing information on the number of COVID-19 deaths in the US.

The document, however, contains malicious macros and will ask the user to “enable content.” This then allows the macros to be executed, installing NetSupport Manager client from a remote site. Microsoft stated that the NetSupport Manager is a legitimate remote administration tool that is frequently manipulated as a remote access trojan. Microsoft added that the hundreds of unique Excel files featured in the campaign connect to the same URL that downloads the payload.

Read More: Microsoft warns of ‘massive’ phishing attack pushing legit RAT

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.