Just hovering over a link in PowerPoint can now infect your system with malware

  •   Ricky
  •   July 31, 2017
  •   224
  •   0
  • Photo Courtsey:
Loading...
Just hovering over a link in PowerPoint can now infect your system with malware

This new kind of attack will make you want to double-check your Office apps to make sure that Protected View is turned on.

Most often, you need to actually click on a link or run a program in order to get infected with a virus or other malware. Sometimes, however, black hat hackers figure out a way to infect a machine without the user doing anything at all.

That is the case with a new PowerPoint malware, which was discovered security company .This particular attack merely needs users to hover over a link with their mice in order to install a banking Trojan that has remote access, network traffic monitoring, information access, and other nefarious capabilities.

The Trojan is delivered to users in a spam email with a PowerPoint Show (PPS) or Open EML Slide Show (PPSX) file attached. These files are different from the usual PowerPoint files (PPT and PPTX) in that they can not be edited and they only open in presentation or slideshow modes.

Malicious links are embedded in the PowerPoint slides that use the mouseover action to execute code that seeks to install the Trojan. For users with Protected View turned on in later versions of Microsoft Office, a security prompt pops up that the user must click through in order to enable the installation. As usual, users should never click “Enable” in such dialog boxes unless they are absolutely certain of what is actually going to run. Needless to say, clicking “Enable All” almost universally a bad idea.

This new kind of attack will make you want to double-check your Offic