Over time cybercriminals become more and more creative, and it seems that this eternal advice that is given us all the time about not clicking on suspicious things, begins to fall short to protect us from some threats, since in many cases We do not even have to take that action.
A new Office malware downloads a Trojan to your computer by simply hovering over a link within a PowerPoint presentation. This is a new type of threat that no longer requires the use of Office macros to run malicious scripts and download and install malware on a computer.
Security researchers have discovered a PowerPoint file loaded with this trap. The presentation is sent to victims via email as an attachment posing as an email confirming purchase of a product.
Malware Infected To .ppsx Extension Files
The infected file extension is .ppsx, that is, the read-only PowerPoint presentation file that can not be edited. The file contains a single slide that displays a misleading message loading as seen in the image above.
When the user passes the mouse pointer over the text with the link, the malicious code is immediately executed. Luckily, in Office 2010 and later, there is an active security feature by default that will display a security warning preventing the attack.
” Office Protected View ” or “protected view” of documents, blocks document editing, downloading attachments, and in this case malware attack. Unfortunately, it is one of those functions that the user can decide to ignore as annoying, and more than one completely deactivates because it usually detects false positives.