Danny Palmer reports:
Hackers are exploiting vulnerabilities in Microsoft Office software to spread a sophisticated form of malware capable of stealing credentials, dropping additional malware, cryptocurrency mining and conducting distributed denial-of-service (DDoS) attacks.
The malware has been active since 2016 and despite its powerful capabilities, it’s available to purchase on underground forums for as little as $75.
Researchers at FireEye have observed a new campaign attempting to deliver the malware via spam emails to targets in the telecommunications, insurance and financial industries, with all of these attacks attempting to exploit recent vulnerabilities uncovered in Microsoft Office software.
Read more on ZDNet.