Microsoft has issued an alert to all users regarding a widespread phishing attack based around COVID-19.
As unscrupulous idiots continue to try to take advantage of the current pandemic, opening the attached Excel files will install the NetSupport Manager admin tool onto a user’s system, allowing it to be controlled remotely.
A series of tweets highlighted the issue which has continued to spread around the globe. The email arrives purporting to be from the John Hopkins Center and provides information on the current number of coronavirus deaths in the USA.
The chart attached however enables macros which then downloads the software allowed remote access.
Microsoft said: “The hundreds of unique Excel files in this campaign use highly obfuscated formulas, but all of them connect to the same URL to download the payload. NetSupport Manager is known for being abused by attackers to gain remote access to and run commands on compromised machines.”
In short, there is no threat unless you open the excel document and enable the content. If you have been compromised however make sure you run a thorough virus check and change all of your passwords immediately.
It’s hard enough out there at the moment without falling into nasty traps like this so think twice before opening anything you weren’t expecting.
