OpenDocument Malware

By Mezo in Malware, Remote Administration Tools

Translate To:

Cybercriminals are using corrupted OpenDocument files as a way to infect the systems of their victims with AsyncRAT. So far, the main targets of the threatening campaign appear to be hotels located in the Latin American region.

OpenDocument is a legitimate file format used by Office Applications. However, the attackers have created a manipulated file in this format. It is delivered by lure emails where the attached poisoned file is presented as a booking request or a guest registration document. The targeted victims are asked to open the file and update the relevant fields. Those that agree will be further presented with an Excel document that requests macros to be enabled, supposedly so that it can be opened properly. Instead, a threatening RAT (Remote Access Trojan) named AsyncRAT will be deployed to the device.

The malware can perform numerous, intrusive actions on the infected device. Depending on the commands received from its operators, AsyncRAT can manipulate the file system, upload chosen files, start or kill processes, initiate keylogging routines, and spy on the activities on the system. In short, threat actors can use AsyncRAT to deliver additional, more specialized malware payloads to the victim's device, obtain sensitive or confidential information, open specific websites and more.

Enigma Software Group Prevails Over Malwarebytes at the Ninth Circuit

Search

Change Region

OpenDocument Malware

Submit Comment

Trending

Safe Search Eng

Findtheirreport.com

MarioLocker Ransomware

Most Viewed

Is Lookmovie.io Safe?

How To Fix 'Printer Driver is Unavailable' Error

Discord Shows Black Screen when Sharing Screen