Johannesburg — CYBER criminals are abusing office document software to profile potential victims for targeted attacks. Kaspersky Lab, the global cyber security company, has made the discovery. Its experts have discovered a feature in popular document-creation software that has been abused by attackers to launch successful targeted attacks. Using a malicious application that activates when the simple office document is opened, information about the software installed on the victim's device is sent automatically to the attackers, with no user interaction required. This data allows attackers to understand what type of exploit they should use in order to hack the targeted device. The attack technique works on both desktop and mobile versions of popular text processing software. Kaspersky Lab has observed this method of profiling used in the wild by at least one cyberespionage actor, which the company's researchers call FreakyShelly. Kaspersky Lab has reported the issue to the software vendor but it has not yet been fully patched.
Africa: Cyber Crooks Sustain Malicious Onslaught
Copyright © 2017 CAJ News Agency. All rights reserved. Distributed by AllAfrica Global Media (allAfrica.com). To contact the copyright holder directly for corrections — or for permission to republish or make other authorized use of this material, click here.
AllAfrica publishes around 800 reports a day from more than 140 news organizations and over 500 other institutions and individuals, representing a diversity of positions on every topic. We publish news and views ranging from vigorous opponents of governments to government publications and spokespersons. Publishers named above each report are responsible for their own content, which AllAfrica does not have the legal right to edit or correct.