Microsoft warns of dangerous phishing wave using Covid-19 and Excel figures

The Microsoft Security Intelligence team discovered that hackers were using the Covid-19 to trap Internet users with emails with fake attachments. Behind an ordinary Excel sheet hides a macro which installs a program to take remote control of the computer.

The epidemic of Covid-19 continues to inspire the pirates, and Microsoft has discovered a phishing campaign ( phishing English) took advantage of the pandemic worldwide to trap users. But the Security Intelligence department mainly revealed that behind this  phishing hid an attempt to take control of the computer remotely, and that since May 12, the campaign would have gained momentum.

Concretely, the victim receives an email offering to access the latest statistics on the Covid-19. In attachment, an Excel sheet with the latest figures proposed by the very serious Johns Hopkins Center , the reference in the United States to follow the Covid-19 epidemic. Except that the Excel sheet includes a malicious macro, which would be responsible for installing and running NetSupport Manager.

Behind this graph of deaths and infections at Covid-19, a macro-rogue to take remote access to the computer © Microsoft

Remote access from the Windows desktop

Well known to developers and system administrators, NetSupport Manager is a tool that allows remote control and access to the Windows desktop, and hackers therefore use Excel macros to trap Internet users and businesses, and thereby ‘install at their expense. Then, the tool connects to a remote server to issue more commands and execute scripts and files.

What worries Microsoft is that attachments have evolved over the past 15 days, and that there are many different ones. The editor recommends not to open attachments linked to emails on the Covid-19 and reminds that it is possible to block the execution of macros inside Excel itself. If in doubt about the sender, do not accept the execution of macros since they integrate scripts likely to be decoys for hacking. Likewise, do not open Excel sheets  from an unknown or difficult to identify sender.

This will also interest you