Microsoft's Security Intelligence team is warning of a malicious email campaign, in which people are receiving messages claiming to originate from the Johns Hopkins Center with attachments that are alleged to contain statistics on COVID-19 cases, but instead, when opened, install and run attacks on computer systems.
The email phishing campaign was detailed by Microsoft's Security Intelligence team on Twitter. Microsoft said that the messages have been circulating since at least May 12, reports Techspot. The topic of COVID-19 is used to lure users into opening both the email and the attachment.
"We’re tracking a massive campaign that delivers the legitimate remote access tool NetSupport Manager using emails with attachments containing malicious Excel 4.0 macros," Microsoft's Security Intelligence Team said on Twitter. "The Covid-19 themed campaign started on May 12 and has so far used several hundreds of unique attachments."
The attachment contains Microsoft Excel files that are claimed to contain statistics on COVID-19 cases. Instead, if opened, the attachments use Excel 4.0 macros that install and run NetSupport Manager.
The program is described as a legitimate tool that's used for desktop access and remote control, but it can also be used by attackers who run code through it on compromised machines. It allows a remote tool that connects to a server that allows it to run several files on infected computers.
Microsoft's Security Intelligence team says it has seen the growing use of Excel 4.0 macros in malicious campaigns, including using them in combination with COVID-19 lures, since April.
© 2021 Newsmax. All rights reserved.