This blog contains analysis on how OneNote documents are used malicious and two specific campaigns that made use of OneNote documents to download and execute the Qakbot malware. Due to a feature that allows users to attach files to OneNote documents it makes them a good alternative to LNK files as distribution vehicle to deploy their malware. Such as their shift to LNK files after Microsoft introduced a policy change disabled office macros by default. Malicious Actors are always trying to find new ways in to infect their victims. It is installed by default in Microsoft Office 2021 and Microsoft 365. It is a note-taking app that allows collaboration across organizations while enabling users to embed files and other artifacts. OneNote is a Microsoft digital notebook application that can be downloaded for free. McAfee Labs has recently observed a new Malware campaign which use d malicious OneNote documents to entice users to click on an embedded file to download and execute the Qakbot trojan. Authored By Anandeshwar Unnikrishnan, Sakshi Jaiswal,Anuradha M
0 kommentar(er)
