Hackers hide crypto address-swapping malware in Microsoft Office add-in bundles

Q: How long will it take to read this news story?

The story "Hackers hide crypto address-swapping malware in Microsoft Office add-in bundles" has 480 words across 22 sentences, which will take approximately 2 - 4 minutes for the average person to read.

Q: Which news outlet covered this story?

The story "Hackers hide crypto address-swapping malware in Microsoft Office add-in bundles" was covered 1 weeks ago by Coin Telegraph, a news publisher based in United States.

Q: How trustworthy is 'Coin Telegraph' news outlet?

Coin Telegraph is a fully independent (privately-owned) news outlet established in 2013 that covers mostly crypto news. The outlet is headquartered in United States and publishes an average of 48 news stories per day. It's most recent story was published 7 hours ago.

Q: What do people currently think of this news story?

The sentiment for this story is currently Negative, indicating that people regard this as "bad news".

Q: How do I report this news for inaccuracy?

You can report an inaccurate news publication to us via our contact page. Please also include the news #ID number and the URL to this story.<ul><li>News ID: #27744744</li><li>URL: https://beamstart.com/news/hackers-hide-crypto-address-swapping-1744164801782</li></ul>

Coin Telegraph 1w ago

Hackers hide crypto address-swapping malware in Microsoft Office add-in bundles - Coin Telegraph

Quick Summary:

The firm said attackers secure access to an infected system “through multiple methods, including unconventional ones.”“While the attack primarily targets cryptocurrency by deploying a miner and ClipBanker, the attackers could sell system access to more dangerous actors.” The interface is in Russian, which Kaspersky speculates could mean it targets Russian-speaking users.“Our telemetry indicates that 90% of potential victims are in Russia, where 4,604 users encountered the scheme between early January and late March,” the report stated.

One of the malicious listings, called “officepackage,” has real Microsoft Office add-ins but hides a malware called ClipBanker that replaces a coped crypto wallet address on a computer's clipboard with the attacker's address, Kaspersky’s Anti-Malware Research Team said in an April 8 report.“Users of crypto wallets typically copy addresses instead of typing them.

Attackers could sell system access to othersKaspersky says some of the files in the bogus download are small, which raises “red flags, as office applications are never that small, even when compressed.” Other files are padded out with junk to convince users they are looking at a genuine software installer.