Malicious Word Files with External Links of Similar Domain Form
Most malicious Word files that have been discovered in attacks contained macro, however, the ASEC analysis team has discovered a case where an external link connecting to an active C2 was used in a superior attack process to execute the malicious Word macro. This method was introduced in a previous
Distribution of RTF Vulnerability Malware that Takes Advantage of Microsoft Office Word’s External Connection
Distribution of RTF vulnerability (CVE-2017-11882) malware that uses external connection of MS Office Word document has been found. Employees must be on the lookout as the attacker is using spam e-mails to distribute malware to domestic shopping malls and other businesses. Recently, the distribution of MS Office Word malware using
Malicious Word File Disguised as Compensation Request Form (External Connection + VBA Macro)
With malicious document files being distributed in various document formats such as HWP, DOC, XSLX, and PDF, it is safe to say that such a document-based malware has become a new trend among attackers. In pursuit of this trend, ASEC analysis team has been publishing various articles that contain related information
