Home News Attackers using fake Office 365 Site to inject Trickbot Trojan

Attackers using fake Office 365 Site to inject Trickbot Trojan

Hackers Target Office 365 Users with SurveyMonkey Phishing Campaign

Cybercriminals are using popular online sites or services to spread malware and exploit, a research claimed. Hackers are using phony Office 365 website to trick users into downloading the TrickBot password-stealing Trojan masked as Chrome and Firefox browser updates, the Bleeping Computer reported.

The fake Office 365 site was found by independent security research team MalwareHunterTeam. The security team explained that the fake site gives a pop-up stating that the user’s browser needs an update. When the user clicks on the update option, an executable named upd365_58v01.exe gets downloaded that installs the TrickBot information-stealing Trojan on the computer to exploit.

“For example, when using Google Chrome to visit the page, it will show an alert titled “Chrome Update Center” and state that you are using an older version of Chrome that could lead to loss of data and browser errors,” the team said in a statement.

Microsoft recently discovered a security vulnerability that exists in its Outlook for Android app. In its security advisory, Microsoft stated that the older versions before 3.0.88 of Outlook for Android carries a spoofing vulnerability that allows attackers to perform cross-site scripting (XSS) on mobile devices.

The security flaw, named as CVE-2019-1105, could be exploited by attackers by sending a specially crafted email message to the victims. Once compromised, the attackers can perform XSS attacks and run malicious scripts. Microsoft stated the flaw was reported by multiple security researchers, including Bryan Appleby from F5 Networks, Sander Vanrapenbusch, Tom Wyckhuys, Eliraz Duek from CyberArk, and Gaurav Kumar. The company also clarified that it has mitigated the flaw and notified the users to update the Outlook applications on their devices.

Recently, Microsoft issued an alert to several users of over its mail platform Outlook hack. In a wordy notification, it stated hackers may have accessed data sent by several users on the platform between January 01, 2019, and March 28, 2019.